|
|
|
|
|
|
by mercutio2
2775 days ago
|
|
|
“That’s simply not possible with SSL” I agree that we don’t currently know of easy attacks on SSL if you’re pinning certs (which it sounds like Mozilla does here). But all you need is a rogue CA to MITM SSL if you’re not pinning certs, so I don’t think “simply not possible” is an accurate description of SSL as generally used by the broad web-dev community. |
|
|