SSL is safe when the initial key exchange happens ahead of time. If the the threat actor can capture the key exchange and substitute their own, then the security is broken.
Mitm isn’t really a concern anymore as almost everything has SSL now.
SpikesOtherDog@ani.social 22 hours ago
muntedcrocodile@hilariouschaos.com 22 hours ago
That’s why we have key authorities
johntash@eviltoast.org 1 day ago
Who’s gonna control the CAs though? Or root dns? there are alternative p2p versions, but I haven’t seen any good ones yet…
muntedcrocodile@hilariouschaos.com 1 day ago
Well that’s the issue with the internet as a whole. How does i2p and tor handle things?