• hperrin@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    30 days ago

    They could pretend to be any domain, yes, but you asked about inspecting a TLS stream, and afaik, there’s no way to do that without the private key. Once the TLS handshake begins, there wouldn’t be a chance for a man in the middle, so that kind of attack would have to be done before the connection is established.