LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

China, GitHub and the man-in-the-middle (Greatfire)

China, GitHub and the man-in-the-middle (Greatfire)

Posted Jan 31, 2013 16:32 UTC (Thu) by raven667 (subscriber, #5198)
In reply to: China, GitHub and the man-in-the-middle (Greatfire) by robert_s
Parent article: China, GitHub and the man-in-the-middle (Greatfire)

Well SSH style key pinning is scalable but is dependent on the first interaction being clean, which may not be the case in a network with pervasive SSL proxying. Pre-loaded key lists, assuming they haven't been tampered with, can flag for major sites that can be listed but in both cases most users are just going to click through any warnings to get to where they want to go.

The benefit is that the one user who actually pays attention can trivially demonstrate that the MITM is going on and sound the alarm.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds