|
Message-Id: <E001F3DE-2AD5-40C6-A269-0393B17B5874@orthanc.ca>
Date: Sat, 2 May 2015 16:03:05 -0700
From: Lyndon Nerenberg <lyndon@...hanc.ca>
To: mancha <mancha1@...o.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: On sanctioned MITMs
On May 2, 2015, at 3:25 PM, mancha <mancha1@...o.com> wrote:
> As you said, lots of people are interested in ways of achieving E2E
> security with intermediation - precisely because there is recognition
> current TLS interposition models are not satisfactory.
>
> My specific interest is how OSS projects (e.g. browsers, TLS stacks,
> etc.) can address security issues that arise from SSL/TLS interposition.
> Also of interest is leveraging the intersection of infosec/oss/crypto to
> develop related innovations (e.g. interposition that coexists with
> uncompromised E2E security).
Are you (or anyone else out there) aware of a bibliography of research into this? Or groups actively looking at it? This is of more than passive interest to me.
--lyndon
Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.