|
|
|
|
|
|
by wsxarcher
3514 days ago
|
|
|
Maybe you didn't understood the whole concept.
Read the first mail better. Maybe the with the android case of VPN is more easy to understand. If you just install the key of your VPN service, to avoid spoofing of that VPN, you also expose yourself to another problem, the risk of a stolen private key. That can be used to sniff you everywhere, VPN, HTTPS, etc... In the case of Linux, if someone stole my private key of the VPN, my only problem is the VPN, not the whole architecture. because the attacker can only use that private key to spoof my VPN service. About the sentence "If you install a root CA certificate, yes, your machine will trust any certificates that it signs.
". Not on Linux. |
|
|