On Thu, Aug 20, 2009 at 10:52:45AM +0200, Alexander Reichle-Schmehl wrote: > Hi! > > > * Package name : sslsniff > > Version : 0.6 > > Upstream Author : Moxie Marlinspike <[email protected]> > > * URL : http://www.thoughtcrime.org/software/sslsniff/ > > * License : GPLv3 > > Programming Lang: C++ > > Description : SSL/TLS man-in-the-middle attack tool > > Maybe I miss something, but what's the intended (legal) purpouse of this > tool? Is there anything else but being a proof of concept that such > things are possible? >
Hi, sslsniff is a very useful tool for security assessment, especially when verifying if certificate checking code is correct in applications. It can also help understanding protocols by standing as a man-in-the-middle application, able to log the decrypted session of the protocol. I'd say it's a nice tool to have for people working (or interested) in security. Regards, Pierre -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

