[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] [tor-relays] NSA v TOR Guardian article
On Sat, Oct 5, 2013 at 2:39 PM, krishna e bera <keb@xxxxxxxxxxxxxx> wrote:
> ...
> The more worrying aspect is the SSL MITM sites the slides said they are
> running. I wasnt able to tell if they are able to spoof existing
> relays/guards based on race conditions, or did that only apply to user
> destinations?
this is only for destinations, E.g. using a copied, stolen, or
impersonated Google certificate when clients are accesing Google sites
over HTTPS.
and by copied i mean certificate handed over per court order,
and by stolen i mean BULLRUN pilfered certs,
and by impersonated i mean a validating cert that was fraudulently
issued. (Comodo, DigiNotar, etc.)
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk