On 01.09.2014, Tod Merley wrote: > General question - can one spoof a certificate? I suppose "man in the > middle" is simply nasty.
You can't "spoof" a certificate, but create one on your own and present it as the real one when you're the "man in the middle". Therefore the fingerprint check. Once you have the fingerprint of the genuine certificate of the site you're communicating with, you can easliy detect any MITM, because it is not possible to produce two certificates with the same fingerprint (unless the crypto used is broken). -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
