[Cryptography] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
Patrick
patrick at rayservers.net
Thu Nov 2 11:32:27 EDT 2017
grarpamp wrote on 11/01/2017 07:10 PM:
>> server uses its own certificate authority to
>> lessen the potential for a MITM attack.
>
> Many mixup rogue CA with MITM.
> Private CA rarely mitigates either since
> a) full stock of public roots usually still installed and active
> b) fingerprints / certs still rarely pinned down
> c) possible MITM's exist at many layers
You're providing a good checklist for VPN vetting. In my particular
case everything is pinned down and cannot be bypassed. No other
authorities or certificates are trusted.
-- Patrick
More information about the cryptography
mailing list