"Steven M. Bellovin" writes:
>http://www.theregister.co.uk/2009/02/19/ssl_busting_demo/ -- we've talked
>about this attack for quite a while; someone has now implemented it.
My analysis of this (part of a much longer writeup):
-- Snip --
[...] it's now advantageous for attackers to spoof non-S
http://www.theregister.co.uk/2009/02/19/ssl_busting_demo/ -- we've
talked about this attack for quite a while; someone has now implemented
it.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
-
The Cryptography
