On 12/04/11 12:21, Ralph Holz wrote:
> Hi,
> 
>> Hypothetical question: assume enough people get educated how to spot the MitM
>> box at work/airport/hotel. Let's say few of them post the MitM chains 
>> publicly
>> which point to a big issuing CA. It was said (by Peter I think) that nothing
>> would likely happen to big issuing CAs (too-big-to-fail). Would the MitM-ing
>> sub-CAs take the fall? (lose license and invested funds)
> 
> We're actually about to release a little tool that does exactly that,
> report the encountered MitM for further scrutiny.

Great! I had some ideas how to implement and spread it, awesome to hear that
that you beat me to it :-)

Ondrej
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to