On Sun, Aug 31, 2014 at 15:02:03 -0700, Tod Merley <todbot88@xxxxxxxxx> wrote:
Heinz thanks for reminding me about looking at certificates by clicking the padlock. I also note that they have the ability to export and so I suppose a comparison could be made through that as well. General question - can one spoof a certificate? I suppose "man in the middle" is simply nasty.
You might be tricked into going to a site that has a valid certificate for that site, but isn't really the site you expected to be at.
The certificate might be signed by a CA in your browser that isn't a normal CA. This is common for work PCs where ssl traffic is proxied.
The certificate might be signed by a normal CA, but might have be issued in error or at the request of law enforcement for someone other than the parties responsible for the site you are visiting.
The certificate might have used a key with too little entropy and it was possible to guess the private key allowing someone else to make use of the normal public part.
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
