Hi, > Hypothetical question: assume enough people get educated how to spot the MitM > box at work/airport/hotel. Let's say few of them post the MitM chains publicly > which point to a big issuing CA. It was said (by Peter I think) that nothing > would likely happen to big issuing CAs (too-big-to-fail). Would the MitM-ing > sub-CAs take the fall? (lose license and invested funds)
We're actually about to release a little tool that does exactly that, report the encountered MitM for further scrutiny. Ralph -- Dipl.-Inform. Ralph Holz I8: Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
