Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by Srujan (jonnadul@infosec.exchange)

Embed this notice
Srujan (jonnadul@infosec.exchange)'s status on Friday, 03-Jan-2025 03:13:55 JST Srujan
in reply to
- Raphael Lullis
@raphael I think what you need is some sort of MITM-TLS proxy

In conversation about a month ago from gnusocial.jp permalink
Embed this notice
Srujan (jonnadul@infosec.exchange)'s status on Sunday, 29-Dec-2024 07:48:06 JST Srujan
in reply to
- Raphael Lullis
@raphael sorry not exactly sure what you mean by decode but TLDR the server will initiate a handshake to establish an encrypted session with ANY incoming client call regardless of what cert the client presents (as long as they present one to facilitate the handshake). This is why you can access www.google.com regardless of what client browser, phone, etc.
In conversation about a month ago from gnusocial.jp permalink
Attachments
1. Untitled attachment
Embed this notice
Srujan (jonnadul@infosec.exchange)'s status on Sunday, 29-Dec-2024 07:03:57 JST Srujan
in reply to
- Raphael Lullis
@raphael by definition TLS is a one-way verification operation where the client verifies the authenticity of the server based off the certs its presents.

In conversation about a month ago from infosec.exchange permalink

User actions

Tags

(None)

Following 0

Followers 0

Groups 0

Statistics

User ID: 239935

Member since: 3 Feb 2024

Notices: 3

Daily average: 0

Feeds

Atom