• snowfalldreamland
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 day ago

    Im also not an expert but i believe since there Is still an ephemeral DH key exchange happening an attacker needs to actively MITM while having the certificate private key to decrypt the session. Passive capturing wont work