[prev in list] [next in list] [prev in thread] [next in thread]
List: cryptography
Subject: Re: [Cryptography] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
From: Patrick <patrick () rayservers ! net>
Date: 2017-11-02 15:32:27
Message-ID: 1b0a3370-d556-df7b-184e-29ce529ca8c4 () rayservers ! net
[Download RAW message or body]
grarpamp wrote on 11/01/2017 07:10 PM:
>> server uses its own certificate authority to
>> lessen the potential for a MITM attack.
>
> Many mixup rogue CA with MITM.
> Private CA rarely mitigates either since
> a) full stock of public roots usually still installed and active
> b) fingerprints / certs still rarely pinned down
> c) possible MITM's exist at many layers
You're providing a good checklist for VPN vetting. In my particular
case everything is pinned down and cannot be bypassed. No other
authorities or certificates are trusted.
-- Patrick
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic