TLS man in the middle

mheyman at mheyman at
Fri Nov 6 06:22:07 EST 2009

>From <>
and <>

>From what I gather, when TLS client certificates are used, an attacker
can post a command to a victim server and have it authenticated by a
legitimate client.

-Michael Heyman

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list