Secure Transactions
Heinz Diehl
htd+ml at fritha.org
Mon Sep 1 05:46:34 UTC 2014
On 01.09.2014, Tod Merley wrote:
> General question - can one spoof a certificate? I suppose "man in the
> middle" is simply nasty.
You can't "spoof" a certificate, but create one on your own and
present it as the real one when you're the "man in the middle".
Therefore the fingerprint check. Once you have the fingerprint
of the genuine certificate of the site you're communicating with,
you can easliy detect any MITM, because it is not possible to
produce two certificates with the same fingerprint (unless
the crypto used is broken).
More information about the users
mailing list