|
|
|
|
|
|
by zurn
4428 days ago
|
|
|
Someone should set up a bet about what point in time more than 50% of MITM attempts with revoked (& Heartbleed-snarfed) certs will be caught by default configured browsers. "Never?" This and lack of PFS are much bigger catastrophes than
the OpenSSL debacle in itself. (PFS: supported by TLS but disabled by almost everyone so all your old traffic is decryptable with heartbled cert). |
|
|