this post was submitted on 28 Apr 2024
1 points (100.0% liked)
Security
4945 readers
1 users here now
Confidentiality Integrity Availability
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I used to know that and still struggle to understand how a handshake wouldn't allow MitM. Later I found out that it requires a third party with a trusted and known certificate for signing handshake exchange messages in order to ensure there's no man in the middle: https://stackoverflow.com/a/10496684
Yes, that's why https needs certificates (and sometimes shows a broken lock) and why you need to accept the fingerprint when first connecting to a server via ssh.