[tor-talk] How evil is TLS cert collection?
Chris Palmer
chris at eff.org
Mon Mar 21 21:09:19 UTC 2011
On 03/20/2011 08:05 PM, Mike Perry wrote:
>> if EFF was presented with a national security letter or other legal
>> demand under seal demanding the existence of a given certificate not
>> be exposed, would they be bound to not present a MITM alert for that
>> cert?
>
> Leaving this for pde and/or Seth.
It's a question for our legal team. I'll ask them.
The main thing is that this feature is not intended for true real-time
MITM alerts. It's for research and study, and I hesitate to overload it
for MITM detection for all sorts of technical reasons, including those
Mike has raised.
--
Chris Palmer
Technology Director, Electronic Frontier Foundation
https://www.eff.org/code
More information about the tor-talk
mailing list