From: "Peter Gutmann" <[email protected]> To: [email protected] Sent: Monday, September 19, 2011 2:32:21 PM Subject: Re: [cryptography] Another data point on SSL "trusted" root CA reliability (S Korea)
Ralph Holz <[email protected]> writes: >In terms of warkitting routers, they're pretty much all vulnerable [0], so all >you'd need to do after that is exploit the "CA" certs. OTOH if you can warkit >a router you can also drop sslstrip on it, and at that point it's game over >for the user whether you have a CA cert or not. Does this warkitting require physical access to the router? _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
