Gurus, in this hypothetical situation, how would someone break in or view the data transmitted?
Hardened Gentoo/Linux/Apache system with only port 443 open in a secure facility (please assume that hardened means everything you, dear reader, would do to secure a box). Now this Apache server is configured only to accept connections from clients who present a certificate signed by the CA who signed the server's cert. If the client is not signed, I generate and securely transmit a cert to the client and then open the network to their IP.
Since traffic is limited to IPs that I trust and everyone must have a certificate signed by my CA, how can jerks break into my box? Seems to me to be pretty solid, so I must be missing something.
/djb
--
gentoo-user@gentoo.org mailing list
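The setup described in the post above, written out as an added configuration example that is not part of the original message. It assumes Apache 2.4 with mod_ssl; the hostname, file paths and IP ranges are hypothetical placeholders, and the revocation lines are an addition the post does not mention.

```apache
# Added example: mutual TLS plus an IP allowlist on port 443.
# All names, paths and addresses below are placeholders.
<VirtualHost *:443>
    ServerName secure.example.org

    SSLEngine on
    SSLProtocol -all +TLSv1.2 +TLSv1.3

    # Server identity, issued by the private CA.
    SSLCertificateFile      /etc/ssl/private-ca/server.crt
    SSLCertificateKeyFile   /etc/ssl/private-ca/server.key

    # Only this CA is trusted for client certificates.
    SSLCACertificateFile    /etc/ssl/private-ca/ca.crt

    # Reject the TLS handshake unless the client presents a certificate
    # that chains to the CA above. Depth 1 = issued directly by that CA.
    SSLVerifyClient require
    SSLVerifyDepth  1

    # Assumption beyond the post: check a CRL so that a certificate
    # issued to a client can be withdrawn later without waiting for expiry.
    SSLCARevocationCheck chain
    SSLCARevocationFile  /etc/ssl/private-ca/ca.crl

    <Location "/">
        # Both conditions must hold: trusted source address AND a
        # verified client certificate.
        <RequireAll>
            Require ip 192.0.2.0/24 198.51.100.17
            Require ssl-verify-client
        </RequireAll>
    </Location>

    # Record which certificate was used for each request.
    CustomLog logs/ssl_client.log "%h %{SSL_CLIENT_S_DN}x %{SSL_CLIENT_M_SERIAL}x \"%r\" %>s"
</VirtualHost>
```

With this in place, the remaining trust rests on the CA private key, the private keys held by each client, and the code paths that still run behind an authenticated connection.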