Quote:
Originally Posted by Phormic Acid
At this point, your web browser will warn you that an invalid certificate is being used. C will not be able to use a certificate issued to B. Some very clever people have thought very hard about this. If there was an easy way to compromise the security at any point between A and B, TLS/SSL wouldn’t be used. That’s not to say it’s impossible. People are always looking for potential weaknesses and looking to make improvements should any be found. What we can say is that it’s believed to be very strong, certainly strong enough to stop Phorm intercepting anything.
|
Oh yes the certification system, that makes things more secure for SSL.
I've done a bit of looking up on this and they call it a
'Man in the Middle attack (MITM)' apparently which is exactly what Phorm are doing.