Comment by geofft
11 years ago
That's all good in theory, but there have been demonstrated attacks against man-in-the-middle-able protocols and we've lacked the ability to respond usefully, precisely because the protocols were designed to be man-in-the-middle-able. Everyone knows it's happening and it's even easier to detect than your example, but there's nothing useful to do with that knowledge other than complain.
https://www.eff.org/deeplinks/2014/11/starttls-downgrade-att...
No comments yet
Contribute on Hacker News ↗