[Dshield] Eavesdropping

Tony Earnshaw tonye at billy.demon.nl
Fri Jun 4 20:16:34 GMT 2004


fre, 04.06.2004 kl. 17.08 skrev David Klotz:

> Since the list is so slow right now, I'll take this opportunity to ask a
> question:  Has anyone ever heard of somebody successfully eavesdropping on a
> validly established HTTPS connection?
> 
> Some term definition: by "successful", I mean snooped encrypted traffic,
> decrypted it, and learned something they didn't already know.  "Valid" means
> there was nothing funny going on with the setup of the secure connection.  I
> know about MIM attacks, and I know you can trick people into going to "secure"
> sites that aren't what they think they are, but I'm not interested in those
> situations.

How would that entity decrypt (strong ciphers) any https communication?

Hint: site: www.modssl.org. Read *everything* about *everything*

--Tonni

-- 

We make out of the quarrel with others rhetoric
but out of the quarrel with ourselves, poetry.

mail: tonye at billy.demon.nl
http://www.billy.demon.nl




More information about the list mailing list