Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Maybe they should just be advised to use PFS/ECDHE instead (which should be done anyway), and it would solve this problem by itself.


That would not solve the problem of active man-in-the-middle attacks.


Yes, even renewing your keys and certs doesn't mean any previous communication is not compromised :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: