[jdev] Re: TLS and self-signed certs
hawke at hawkesnest.net
Fri Nov 12 13:33:38 CST 2004
Neil Stevens wrote:
> You can't know if there's a man-in-the-middle in progress when you first
> connect, but if you're remembering certificate and someone tries one after
> a while, you will be able to detect that.
And even if there is a mitm the first time, you should notice if/when it
ends. At least giving a bit of warning that it has been compromised.
More information about the JDev