[tor-talk] [tor-relays] NSA v TOR Guardian article

coderman coderman at gmail.com
Sat Oct 5 22:09:23 UTC 2013

On Sat, Oct 5, 2013 at 2:39 PM, krishna e bera <keb at cyblings.on.ca> wrote:
> ...
> The more worrying aspect is the SSL MITM sites the slides said they are
> running.  I wasnt able to tell if they are able to spoof existing
> relays/guards based on race conditions, or did that only apply to user
> destinations?

this is only for destinations, E.g. using a copied, stolen, or
impersonated Google certificate when clients are accesing Google sites
over HTTPS.

and by copied i mean certificate handed over per court order,
and by stolen i mean BULLRUN pilfered certs,
and by impersonated i mean a validating cert that was fraudulently
issued. (Comodo, DigiNotar, etc.)

More information about the tor-talk mailing list