Ask HN: HTTPS and SSL Proxy security question

Ask HN: HTTPS and SSL Proxy security question
3 by fakeElonMusk | 1 comments on Hacker News.
I'm not a security expert but I always thought that HTTPS was secure and that if my code was calling an API (for example) with HTTPS/SSL Cert that it was encrypted end to end. Rephrase, I know it's encrypted but I'm aware that MIM or SSL Proxy methods can be used to expose that traffic by spoofing client/server keys. So I assume that someone has to be on your network to use a tool like Charles Proxy. Is the combination of securing your network plus HTTPS "enough" security to keep web and app traffic safe? What are other aspects I'm missing? Would love to learn more if anyone is willing to share some good resources. TIA.

Comments

Popular posts from this blog

John Wick Pinball Machine Announced, Touts Pinball’s First AI-Augmented Software

Dragon Ball: Sparking Zero Hands-Off Preview and New Details Revealed at gamescom latam

Dragon Age: The Veilguard's Devs Reveal New Info About Each of the Companions (and Solas and Varric, Too)