Fastream Technologies wrote:
> Hello,
> Glad that it interested you..! Anyway, I wonder if ICS TSslHttpCli
> uses EV SSL certs and whether it is vulnerable.

Never heard of EV certificates. As I read the article it's some kind
of "man in the middle" attack downgrading a secure to a plain text
connection and spoofing some security indicators like the yellow lock
icon in browsers. Detecting "man in the middle" attacks is possible 
with ICS-SSL however not a built-in feature. The application developer
is responsible to handle this properly. Method PostConnectionCheck()
provides easy detection of such attacks, have look at the HTTP client

Arno Garrels

To unsubscribe or change your settings for TWSocket mailing list
please goto
Visit our website at

Reply via email to