On Wed, Apr 26, 2006 at 12:07:45AM +0530, Krishna M Singh wrote:
> Some banks in Europe send the fingerprint of their certificate (i
> guess this is MD5 or SHA digest hash of the certificate) over the
> snail mail to their customer and customers are requested to match the
> bank's secure server certificate figerprint with that of the snail
> mail fingerprint to make sure everything is good..
> Has anyone heard of any such case before.?? Any more infomation in
> this regard or any other varied usage of the Certs would be of great
> help..
>
> We are splitting the SSL connection over our network and thus break
> this thing. :(
So banks are doing the right thing then... Their customers detect the
man-in-the-middle attack.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
