[Starlink] something of a step backwards
Michael Richardson
mcr at sandelman.ca
Mon Nov 15 17:36:06 EST 2021
David P. Reed <dpreed at deepplum.com> wrote:
> The mechanism for MITM'ing HTTPS connections is well known. I don't
> intend to detail it here, but it is based on the fact that certs aren't
> properly validated by client-end software and server-end software.
No, this is just not the case.
While there are occasionally issues that affect some strange corner case,
there are no issues in browsers available on any platforms I know of.
It can only be done in Enterprise cases where the Enterprise uses a
management system to push new anchors. That part is "well-known".
As for blaming protocols when the fault is bufferbloat, you are definitely
right on.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/starlink/attachments/20211115/d8332c5f/attachment.sig>
More information about the Starlink
mailing list