[145035] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

TLS man in the middle

daemon@ATHENA.MIT.EDU (mheyman@gmail.com)
Fri Nov 6 10:52:52 2009

Date: Fri, 6 Nov 2009 06:22:07 -0500
From: "mheyman@gmail.com" <mheyman@gmail.com>
To: Cryptography <cryptography@metzdowd.com>

>From <http://www.ietf.org/mail-archive/web/tls/current/msg03928.html>
and <http://extendedsubset.com/?p=8>

>From what I gather, when TLS client certificates are used, an attacker
can post a command to a victim server and have it authenticated by a
legitimate client.

-Michael Heyman

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[145035] in cryptography@c2.net mail archive

TLS man in the middle

daemon@ATHENA.MIT.EDU (mheyman@gmail.com)Fri Nov 6 10:52:52 2009

daemon@ATHENA.MIT.EDU (mheyman@gmail.com)
Fri Nov 6 10:52:52 2009