[jdev] Re: TLS and self-signed certs

Alex Mauer hawke at hawkesnest.net
Fri Nov 12 13:33:38 CST 2004

Neil Stevens wrote:

> You can't know if there's a man-in-the-middle in progress when you first
> connect, but if you're remembering certificate and someone tries one after
> a while, you will be able to detect that.

And even if there is a mitm the first time, you should notice if/when it
ends.  At least giving a bit of warning that it has been compromised.

More information about the JDev mailing list