[clug] OT: Protesting the proposed clean feed?
Peter Barker
pbarker at barker.dropbear.id.au
Thu Oct 23 10:38:07 GMT 2008
On Thu, 23 Oct 2008, Nathan Rickerby wrote:
> The ISP having access to the unencrypted data is not the only issue.
> There are more.
Doubtless :) Public confidence I'd suggest being one of the most
important.
> Without a method for seeing the certificate the ISP gets when making the
> second https connection, how can you verify they are connecting to the
> true intended destination? The connection could be man-in-the-middled
> again between the ISP and your bank.
I'd have thought that connection would be secure; the ISP can verify
certificates as well as you can :) And since they're doing a MitM attack
against you, they can even present you with a bad-certificate message
(with advertising).
> Nathan
Yours,
--
Peter Barker | Programmer,Sysadmin,Geek.
pbarker at barker.dropbear.id.au | You need a bigger hammer.
:: It's a hack! Expect underscores! - Nigel Williams