On Mon, Sep 30, 2013 at 10:35 AM, Igor Bukanov i...@mir2.org wrote:
To fight with this issue a help from the browser is essential. One
possibility is to replace HTTPS with SRP (srp.stanford.edu) or J-PAKE
like protocol that allows for the user and the server *mutually*
verify each other
-- Forwarded message --
From: Igor Bukanov i...@mir2.org
Date: 11 October 2013 15:02
Subject: Re: Defending against malicious SSL proxy
To: Brian Smith br...@briansmith.org
From a practical point of view anything that requires changes in the
existing SSL infrastructure cannot be