Hello everyone,
I'd like to discuss the potential impacts of a man-in-the-middle (MitM) attacker after a fraudulent certificate is issued. I hope someone can provide answers or recommend relevant materials addressing these questions: 1. After a fraudulent certificate is discovered, how long does it typically take to remove the fraudulent certificate and the associated CA to eliminate potential MitM attacks? 2. State-level MitM attacks often involve hijacking critical network nodes, suggesting such attacks typically exhibit geographic characteristics. Is it reasonable to assume that for most countries or regions, at least one victim node would escape the compromised environment within a day (e.g., by using a VPN or relocating their physical location)? If not, what would be a more accurate timeframe? Sincerely looking forward to your reply, Jin Tong -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/2177e84b-e4a5-42bb-8782-56044ee09993n%40mozilla.org.
