|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Sun, 02 Oct 2011 11:01:41 -0700 From: Michael Thomas <mike@mtcc.com> To: William Allen Simpson <william.allen.simpson@gmail.com> In-Reply-To: <4E889EE4.7090600@gmail.com> Cc: nanog@nanog.org Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org William Allen Simpson wrote: > On 10/2/11 12:36 PM, Jimmy Hess wrote: >> On Sun, Oct 2, 2011 at 10:38 AM, Michael Thomas<mike@mtcc.com> wrote: >>> I'm not sure why lack of TLS is considered to be problem with Facebook. >>> The man in the middle is the other side of the connection, tls or >>> otherwise. >> >> That's where the X509 certificate comes in. A man in the middle >> would not have the proper private key to impersonate the Facebook >> server that the certificate was issued to. >> > My understanding of his statement is that Facebook itself is the MITM, > collecting all our personal information. Too true. Bingo. Mike
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |