|
|
|
|
|
|
by Nanzikambe
4639 days ago
|
|
|
Interesting, but doesn't this pretty much assume that the MITM isn't occurring in the last hops of the path to the server? If all paths (including those through Tor) lead through a piece of compromised infrastructure (a rogue access-point like a pineapple, or subverted router) both will report that the site uses the same certificate despite the MITM. |
|
|