On 28.02.2013 18:15, Salz, Rich wrote:
*The* John Nagle?
Comparing his mail address with the content of
http://lambda-the-ultimate.org/user/12742 seems to answer the question
with Yes ;-).
Best regards,
Richard
__
John,
To detect MITM in a browser context, some people are running Flash
programs or applets to open raw TCP connections to retrieve
certificates seen on the wire. Then they compare them with what they
are supposed to be seeing. There's some information about this
approach in this presentation
The conventional wisdom is that it's not possible to detect MITM
attacks other than by using some trusted path to validate the
credentials from the other end. But that's not quite true.
When an attacker decrypts with one key and re-encrypts with
another, the encrypted bit stream changes. Both
*The* John Nagle?
One possibility is to write your own BIO, perhaps based on the sock_bio, that
buffers the bytes and makes them available.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
__
OpenSSL