> If a browser has a maliciously-included root certificate placed
> there by an attacker and ...
I'm not aware of any definition of MITM that includes compromising any
part of an endpoint. Could you point to one?
/r$
--
STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances
http://www.ibm.com/software/integration/datapower/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
