On 12/04/11 12:21, Ralph Holz wrote: > Hi, > >> Hypothetical question: assume enough people get educated how to spot the MitM >> box at work/airport/hotel. Let's say few of them post the MitM chains >> publicly >> which point to a big issuing CA. It was said (by Peter I think) that nothing >> would likely happen to big issuing CAs (too-big-to-fail). Would the MitM-ing >> sub-CAs take the fall? (lose license and invested funds) > > We're actually about to release a little tool that does exactly that, > report the encountered MitM for further scrutiny.
Great! I had some ideas how to implement and spread it, awesome to hear that that you beat me to it :-) Ondrej _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
