Is it possible for js running in the browser to query properties of the cert for the connection resources were retrieved over?
-
-
-
Replying to @hanno @RichFelker
if you're looking into mitm detection: there's really no easy route. you can look for hpkp fails, but has pitfalls, too.
2 replies 0 retweets 0 likes
Replying to @hanno
What about timing attacks? Do MITM proxies lose timing info the remote (real) server controls?
9:09 AM - 28 Feb 2017
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.