Re: HTTPS and man-in-the-middle - was Re: new message

2015-11-24 Thread Eric Christopherson
On Mon, Nov 23, 2015 at 12:16 AM, Adrian Stoness wrote: > Man this has turned into a hackerspace discussion on security > On Nov 22, 2015 10:18 PM, "Dave Wade" wrote: > And here's today's installment: Dell has been found to be including an easily cloned root certificate on its laptops, similar t

Re: HTTPS and man-in-the-middle - was Re: new message

2015-11-22 Thread Adrian Stoness
Man this has turned into a hackerspace discussion on security On Nov 22, 2015 10:18 PM, "Dave Wade" wrote: > For outbound TMG needs a browser plugin. For inbound it's usual to terminate > the SSL on the TMG firewall and then TMG opens a new SSL session to the > backend web server. For this to work T

Re: HTTPS and man-in-the-middle - was Re: new message

2015-11-22 Thread Dave Wade
For outbound TMG needs a browser plugin. For inbound it's usual to terminate the SSL on the TMG firewall and then TMG opens a new SSL session to the backend web server. For this to work TMG needs to have a copy of the certificate including the private key. Wildcard certs are commonly used with TMG b

HTTPS and man-in-the-middle - was Re: new message

2015-11-22 Thread Toby Thain
On 2015-11-22 5:25 PM, Mouse wrote: https is supposed to prevent "man in the middle" attacks, provided you enfor$ That was the original theory, as I understand it. But there are way too many "in most browsers by default" CAs that are willing to sell wildcard certs such as can be used for MitM