[squid-dev] proof of concept for mitm attack for all ssl including pinned certificates
Alex Rousskov
rousskov at measurement-factory.com
Wed Oct 4 14:58:46 UTC 2017
On 10/04/2017 07:08 AM, Steve Hill wrote:
> Pinning is _supposed_ to be disabled in cases where the certificate
> presented by the website is signed by a root certificate that was
> imported by the user
What makes you think that? Is there a standard or specification that
documents what a pinning application is supposed to do?
Alex.
More information about the squid-dev
mailing list