Hi,

> Hypothetical question: assume enough people get educated how to spot the MitM
> box at work/airport/hotel. Let's say few of them post the MitM chains publicly
> which point to a big issuing CA. It was said (by Peter I think) that nothing
> would likely happen to big issuing CAs (too-big-to-fail). Would the MitM-ing
> sub-CAs take the fall? (lose license and invested funds)

We're actually about to release a little tool that does exactly that,
report the encountered MitM for further scrutiny.

Ralph

-- 
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to