Say Alice wants to open up an HTTPS connection to Bob through a proxy named Earl.
What prevents Earl from reading alices request, opening a connection pretending to be bob, and then opening a https connection with bob pretending to be Alice , and snooping on the traffic as it passes through ?
Oooh that makes alot of sense, thanks and thanks everyone. So https cant be used for peer to peer , you need a server with a certificate from a trusted authority…
Right. You’ll get a warning otherwise. If you’re setting up a lab for yourself, though, you can set up your own trusted authority and use that to issue certificates and it ends up very much like
within your lab.