|
|
|
|
|
|
by Sae5waip
4601 days ago
|
|
|
You'll be protected against NSA-style snoop-everything passive attacks. CAs will always be able to MITM you. Like I said: "the notion of CAs is problematic." There are two caveats: 1) certificate pinning: your browser has a hard-coded list of certificates for all major websites (e.g. Chromium: https://code.google.com/p/chromium/codesearch#chromium/src/n... (scroll down!)) 2) there are add-ons (ie Certificate Patrol) that warn you when the certificate changes |
|
|