Changes between Initial Version and Version 1 of Ticket #2142, comment 15


Ignore:
Timestamp:
2013-12-28T15:30:22Z (11 years ago)
Author:
amontero
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #2142, comment 15

    initial v1  
    886. Worse, someone attempts MITM. Now you could at least get a warning sign that you're under fire. You better check fingerprints.
    99
    10 I'm aware that 6 validity depends on certificate inners and browser behavior that sometimes I'm just assuming, but not certain about it. It depends on how well browsers (ie client-side) shield you from each one of all the range of attacks. But at least would rise a little the bar in some scenarios, as point 5 would stand.
    11 However, here I'm at the limit of crypto/MITM knowledge and any assumption could be wrong. It might only prevent against sniffing and not be safe event to simplest MITM, not sure.
     10I'm aware that 6 validity depends on certificate inners and browser behavior that sometimes I'm just assuming, but not certain about it. It depends on how well browsers (ie client-side) shield you from each one of all the range of attacks. But at least would rise a little the bar in some scenarios, as point 5 would stand. However, here I'm at the limit of crypto/MITM knowledge and any assumption could be wrong. It might only prevent against sniffing and not be safe even to simplest MITM, not sure.