|
|
|
|
|
|
by cmelbye
5691 days ago
|
|
|
The certificates are unverified by a trusted certificate authority, so anyone can perform a man-in-the-middle attack by providing a different certificate to clients, allowing the bad guy to decrypt the information. (edit: clarified wording) |
|
|