On Mon, Oct 6, 2014 at 5:37 AM, Eric S Johnson <[email protected]> wrote:
> > > I just got back to CN from a vacation. Iām now (in all three main > > > Windows browsers) seeing yahoo.com automatically flip over to > > > HTTPS--and then give a bad cert error. The *root* cert is listed as > > > yahoo.com and is valid ā23 Sep 14 to 23 Sep 15.ā > > > GreatFire.org seems to have seen the same. At least the certificate > life time is > > identical: > > <https://twitter.com/GreatFireChina/status/516872770270269440> > > That's exciting. For the record, "the problem" occurred this morning, but > is now no longer in evidence. (I've been out of the country for a week, so > wouldn't've noticed the problem until now.) > > Best, > Eric > > -- > Liberationtech is public & archives are searchable on Google. Violations > of list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. > Unsubscribe, change to digest, or change password by emailing moderator at > [email protected]. > Here's a link to an analysis of the MITM attack. http://www.netresec.com/?page=Blog&month=2014-10&post=Verifying-Chinese-MITM-of-Yahoo Bill
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
