Thread: Not sure if I can ask this on this forum
View Single Post
Old 02-19-2016, 09:28 AM   #46
pdurrant
The Grand Mouse 高貴的老鼠
pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.pdurrant ought to be getting tired of karma fortunes by now.
 
pdurrant's Avatar
 
Posts: 74,209
Karma: 317184274
Join Date: Jul 2007
Location: Norfolk, England
Device: Kindle Oasis
Quote:
Originally Posted by ApK View Post
BTW, does anyone know: Can a MitM attack be successfully executed, in the real world, if you check that the server shows a properly issued SSL cert? That is, assuming your browser is not compromised, if you actually check that the cert is issued to the correct domain from a trusted root, is there a legitimate chance of there being a MitM? I'm seriously asking because I'm not that versed in the implementation details of SSL or proxies.
I think that if you check the certificate fully, there can't be a MITM, at least, not without compromising the server or the trusted roots.

But I'm by no means an expert.
pdurrant is offline   Reply With Quote