undefined | Better HN

0 pointsCountSessine5y ago0 comments

Except you’re using garbage certificates so anyone could MITM you and inject whatever they like.

0 comments

In what way are self-signed certs garbage? They're essentially the same as ssh certs.

That's a separate kind of attack, not intrinsic to the protocol. If the keypair got leaked or a CA misbehaves and issues multiple certificates that can be used for a host, then yes, it can happen.

j / k navigate · click thread line to collapse

0 comments

bavell5y ago

In what way are self-signed certs garbage? They're essentially the same as ssh certs.

1 more reply

samus5y ago

That's a separate kind of attack, not intrinsic to the protocol. If the keypair got leaked or a CA misbehaves and issues multiple certificates that can be used for a host, then yes, it can happen.

j / k navigate · click thread line to collapse