[clug] OT: Protesting the proposed clean feed?

David Schoen neerolyte at gmail.com
Thu Oct 23 11:45:01 GMT 2008

On Thu, Oct 23, 2008 at 10:20 PM, Alex Satrapa <grail at goldweb.com.au> wrote:

> On 23/10/2008, at 21:38 , Peter Barker wrote:
>  I'd have thought that connection would be secure; the ISP can verify
>> certificates as well as you can :)  And since they're doing a MitM attack
>> against you, they can even present you with a bad-certificate message (with
>> advertising).
> Why would they bother?
Bit of a laugh?

But seriously wouldn't it be against their best interests to implement this
checking. If a banks site (or something similar) ever gets attacked in this
sort of way the bank would just say that the ISPs must have been responsible
for it, but if the ISP wasn't really checking the certificates they could
just shrug and say "someone else was MITMing you".

More information about the linux mailing list