what gives you the suggestion that the user agent or the httpd server
would notice any modification of plaintext bytes in transit through a
router or other network intermediate?
Isn't this authentication is for?
--
With Best Regards,
Marat Khalili
On 08/12/15 08:54, William A Rowe Jr wrote:
On Dec 7, 2015 11:36 PM, "Marat Khalili" <m...@rqc.ru
<mailto:m...@rqc.ru>> wrote:
>>
>> Everything *after* that handshake, in cleartext, is open for
inspection or for manipulation
>
> Are you sure about the manipulation part? Why do you think
encryption helps here then?
To turn the question around, what gives you the suggestion that the
user agent or the httpd server would notice any modification of
plaintext bytes in transit through a router or other network intermediate?