On Friday, August 08, 2014 12:29:31 AM slush wrote:
> AFAIK the only protection is SSL + certificate validation on client side.
> However certificate revocation and updates in miners are pain in the ass,
> that's why majority of pools (mine including) don't want to play with
> that...

Certificate validation isn't needed unless the attacker can do a direct MITM 
at connection time, which is a lot harder to maintain than injecting a 
client.reconnect. This, combined with your concern about up to date 
certs/revokes/etc, is why BFGMiner defaults to TLS without cert checking for 


Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
Bitcoin-development mailing list

Reply via email to