|
|
|
|
|
|
by nothrabannosir
4129 days ago
|
|
|
That list is public; if you are in the business of writing these proxies anyway, fetching that list and using it as do-not-mitm exceptions is not a stretch. Which, unfortunately, defeats this nice side-effect of certificate pinning. People could have learned from the Diginotar mistake (being: mitm'ing ssl-pinned certs). |
|
|