mTLS: When certificate authentication is done wrong
- Added on 2023-08-20
- Page: https://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/
- See on Internet Archive
- #security #mtls
In this post, we'll deep dive into some interesting attacks on mTLS authentication. We'll have a look at implementation vulnerabilities and how developers can make their mTLS systems vulnerable to user impersonation, privilege escalation, and information leakages.