Re: explicitly including other ciphers for use with https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

what gives you the suggestion that the user agent or the httpd server would notice any modification of plaintext bytes in transit through a router or other network intermediate?
Isn't this authentication is for?

--

With Best Regards,
Marat Khalili

On 08/12/15 08:54, William A Rowe Jr wrote:

On Dec 7, 2015 11:36 PM, "Marat Khalili" <mkh@xxxxxx> wrote:
>>
>> Everything *after* that handshake, in cleartext, is open for inspection or for manipulation
>
> Are you sure about the manipulation part? Why do you think encryption helps here then?

To turn the question around, what gives you the suggestion that the user agent or the httpd server would notice any modification of plaintext bytes in transit through a router or other network intermediate?


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux