[SSL Observatory] Does the Obs. provide cert validation through HTTP uploads?
Erik Hjelmvik
erik.hjelmvik at gmail.com
Sun Mar 27 07:53:08 PDT 2011
More info on how to extract X.509 certs from SSL sessions in a pcap
file, and how to look for signs of MITM attacks:
http://www.netresec.com/?page=Blog&month=2011-03&post=Network-Forensic-Analysis-of-SSL-MITM-Attacks
/erik
2011/3/23 ArkanoiD <ark at eltex.net>:
> On Wed, Mar 23, 2011 at 09:29:33PM +0100, Erik Hjelmvik wrote:
>>
>> I'm actually really not looking for a real-time MITM defence,
>>
> ..but i do. SSL proxy from OpenFWTK project is designed to do what browsers do not: make SSL
> slightly more usable and secure. So any ideas besides obvious AIA and CRL lookups and implenting TOFU are welcome :-)
>
>
--
my blog: http://www.netresec.com/?page=Blog
More information about the Observatory
mailing list