by bootloop 2213 days ago
That's correct. To sniff traffic without replacing the certificate with one of their own, they would need the private key which was used in a session. (That key might have been derived from the server private key, but again nothing the CA has access to.)