Extended Validation Certificates: Warning Against MITM Attacks
The recent Superfish incident has raised more concerns that SSL/TLS connections of users can be intercepted, inspected, and re-encrypted using a private root certificate installed on the user system. In effect, this is a man-in-the-middle (MITM) attack carried out within the user’s own system. We believe that site owners adopting extended validation (EV) certificates would help warn users about possible MITM attacks.
As new technologies, platforms and devices emerge that change the way we connect and communicate, security must constantly adapt to handle any and all new threats that might emerge... andy michael
ReplyDelete