
> No you can't, that's the whole point of public key encryption.


> but unless you literally own a half-a-billion dollar supercomputer capable of factoring large primes in a reasonable amount of time, can you, personally? Plain and simple no.

I'm not sure if you're being purposefully dense, if you really don't know how easy it is, or if you place too much trust in the chain of resources required to make an SSL connection.




1. Key pinning.

2. Certificate transparency.

3. Can't do it "accidentally". That's why a lot of people have 2-foot-high fences, not that you can't jump over them but to create the atmosphere that this is private, and if you get caught there you can't say "oops".

4. Non-government (malicious router) can't MITM.


1. Key pinning wasn't part of this policy, and regardless, implementations are few and doing it correctly is problematic at best.

2. Certificate transparency is not implemented in all clients (and won't be).

3. I do understand the 2 foot high fence, and I've re-iterated repeatedly that I don't believe that TLS is a bad idea or that it provides no benefits. My original comment was meant to point out that a blanket "https everywhere" policy for the federal government is a bad idea.

4. Malicious or friendly routers can MITM. Would you go to DEF CON, attach to an unknown wifi source, and pass your banking credentials?



