The MITM can be avoided by using Signed Exchanges. https://developers.google.com... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		cramforce on Sept 8, 2019 \| parent \| context \| favorite \| on: Malicious attack on Wikipedia – what we know and w... The MITM can be avoided by using Signed Exchanges. https://developers.google.com/web/updates/2018/11/signed-exc...

SahAssar on Sept 8, 2019 [–]

That only works for static content, right?

cramforce on Sept 15, 2019 | [–]

No, they can be created on the fly. That basically makes it a TLS signing Oracle.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact