On Sat, 7 Nov 2009, Sandy Harris wrote:
I'm in China and use SSL/TLS for quite a few things. Proxy connections,
Gmail set to always use https and so on. This is the main defense for
me and many others against the Great Firewall.
Should I be worrying about man-in-the-middle attacks from the
On 11/6/09, mhey...@gmail.com mhey...@gmail.com wrote:
From http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
and http://extendedsubset.com/?p=8
From what I gather, when TLS client certificates are used, an attacker
can post a command to a victim server and have it