![](/static/66c60d9/assets/icons/icon-96x96.png)
![](https://lemmy.world/pictrs/image/0943eca5-c4c2-4d65-acc2-7e220598f99e.png)
Tell me more about SSL certificate forgery. As far as I know, for a device to trust it, it needs to be signed by a trusted CA. You’d either need to compromise a CA and create your own certificate for the website or make the target device trust a custom CA. In the case of a custom CA, the user explicitly needs to perform an action to trust it. How is this not enough on a public network?
More like
Oh Mi Bod