cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: ssl-pinning in libcurl

From: Nick Zitzmann <nick_at_chronosnet.com>
Date: Thu, 25 Jul 2013 11:36:59 -0600

(please don't top-post)

On Jul 24, 2013, at 11:20 PM, venkatesh perumalla <perumalla.venki_at_gmail.com> wrote:

> But the comments of the function "servercert", it looks like it handles the "man in the middle attack".
> Should we have to do anything extra for avoiding "man in the middle attack".

The whole point of TLS/SSL pinning is to avoid a possible MitM attack caused by a signed and trusted but forged certificate that would normally pass an examination. If you're not sure what an MitM attack is, Wikipedia provides a pretty good explanation: <https://en.wikipedia.org/wiki/Man-in-the-middle_attack>

Nick Zitzmann
<http://www.chronosnet.com/>

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-07-25

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: CURLOPT_READFUNCTION performance issue"
Previous message: Michael Dowling: "Re: CURLOPT_READFUNCTION performance issue"
In reply to: venkatesh perumalla: "Re: ssl-pinning in libcurl"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]