Sep 2, 2018 · 1 min read
Could you please explain third paragraph from last(“ To trick the client that he is…”) a little bit more?
supposing the middle man is the one who has always had the access to user network stream, and for every ssl connection create his own public/private key, why not he couldn’t forge a new SSL Certificate? and why user would know that it’s invalid?
