[Clo-devel] HTTPS
Stelian Ionescu
sionescu at cddr.org
Wed Jan 28 14:35:29 UTC 2015
[...]
> Unfortunately, MITM is also possible for SSL and SSH (
> http://en.wikipedia.org/wiki/Man-in-the-middle_attack#Implementations
> lists
> publicly available implementations to execute them!).
>
> To mitigate the attack, basically the only option listed at
> http://en.wikipedia.org/wiki/Man-in-the-middle_attack#Defenses_against_the_attack
> that's available to us, hasn't been implemented (yet) by most large
> parties
> either (definitely not GitHub or Google): it's the roll-out of DNSSEC.
I suggest you read
https://www.imperialviolet.org/2015/01/17/notdane.html before putting
your hopes into DNSSEC.
--
Stelian Ionescu a.k.a. fe[nl]ix
Quidquid latine dictum sit, altum videtur.
http://common-lisp.net/project/iolib
More information about the clo-devel
mailing list