From: "Peter Gutmann" <[email protected]>
To: [email protected]
Sent: Monday, September 19, 2011 2:32:21 PM
Subject: Re: [cryptography] Another data point on SSL   "trusted"       root    
CA      reliability (S Korea)

Ralph Holz <[email protected]> writes:

>In terms of warkitting routers, they're pretty much all vulnerable [0], so all
>you'd need to do after that is exploit the "CA" certs.  OTOH if you can warkit
>a router you can also drop sslstrip on it, and at that point it's game over
>for the user whether you have a CA cert or not.

Does this warkitting require physical access to the router?  
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to