RE: [fw-wiz] Security of HTTPS
lordchariot_at_earthlink.net
Date: 11/23/04
- Previous message: Jean-Denis Gorin: "RE: [fw-wiz] Security of HTTPS"
- In reply to: Alex Bihlmaier: "[fw-wiz] Security of HTTPS"
- Next in thread: Frank Knobbe: "RE: [fw-wiz] Security of HTTPS"
- Reply: Frank Knobbe: "RE: [fw-wiz] Security of HTTPS"
- Reply: Shimon Silberschlag: "Re: [fw-wiz] Security of HTTPS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <firewall-wizards@honor.icsalabs.com> Date: Tue, 23 Nov 2004 11:00:07 -0500
I wouldn't necessarily call it a MITM attack, but there are some products
out there that intentionally decrypt an SSL connection. These type of
products will take an SSL certificate as presented from the web site, and
re-create a new one on-the-fly to present to the client browser. If the
product's CA cert is loaded into the client, there aren't any certificate
warnings. If not, then most people click through the cert warning anyway
because they don't know any better.
These products are generally used to perform AV scans or Ad-Popup blocking
through an SSL connection. For example, an attachement coming in through an
SSL webmail connection that needs to be virus scanned at the gateway.
Erik
-----Original Message-----
From: firewall-wizards-admin@honor.icsalabs.com
[mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Alex
Bihlmaier
Sent: Friday, November 19, 2004 6:07 AM
To: firewall-wizards@honor.icsalabs.com
Subject: [fw-wiz] Security of HTTPS
Good Morning.
I am curious how strong the security of https can be.
Is there some possibility of a MITM attack?
Are there any papers out there outlining this aspect of security?
//thalunil
----------------------------------------------------------------
kallisti.de webmail access - email on the road
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Jean-Denis Gorin: "RE: [fw-wiz] Security of HTTPS"
- In reply to: Alex Bihlmaier: "[fw-wiz] Security of HTTPS"
- Next in thread: Frank Knobbe: "RE: [fw-wiz] Security of HTTPS"
- Reply: Frank Knobbe: "RE: [fw-wiz] Security of HTTPS"
- Reply: Shimon Silberschlag: "Re: [fw-wiz] Security of HTTPS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
