Miners MiTM



Summary:

In a conversation on August 8, 2014, slush discussed protection methods for mining pools with Luke. Slush said that SSL and certificate validation on the client side are the only protections available. However, certificate revocation and certificate updates in miners can be difficult to maintain, which is why many pools, including his own, do not use them.

Luke explained that certificate validation is not necessary unless the attacker can perform a direct MITM attack at connection time, which is more challenging to execute than injecting a client.reconnect message. BFGMiner therefore defaults to TLS without certificate checking for stratum, to avoid such issues.
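As an added illustration (not code from the thread, from BFGMiner, or from any pool), the sketch below shows a miner-side check that refuses a client.reconnect pointing at a host other than the configured pool. It assumes the common stratum line format in which client.reconnect carries params [host, port, wait]; the function name, host names and sample lines are constructed for the example.

```python
import json

# Constructed server-to-client lines (assumed stratum JSON-RPC framing,
# one JSON object per line). Host names are placeholders.
SAMPLE_LINES = [
    '{"id": null, "method": "mining.notify", "params": []}',
    '{"id": null, "method": "client.reconnect", "params": []}',
    '{"id": null, "method": "client.reconnect", "params": ["pool.example.com", 3334, 0]}',
    '{"id": null, "method": "client.reconnect", "params": ["other.example.net", 3333, 0]}',
    'not json',
]


def _norm(host):
    """Normalise a host name for comparison (case, trailing dot)."""
    return host.strip().lower().rstrip(".")


def check_line(line, configured_host):
    """Classify one line: 'pass' (not a reconnect), 'allow' or 'reject'."""
    try:
        msg = json.loads(line)
    except ValueError:
        return "reject"  # malformed input is never acted on
    if not isinstance(msg, dict) or msg.get("method") != "client.reconnect":
        return "pass"
    params = msg.get("params") or []
    if not isinstance(params, list):
        return "reject"
    host = params[0] if params else ""
    if host in ("", None):
        return "allow"  # no host given: reconnect to the same endpoint
    if isinstance(host, str) and _norm(host) == _norm(configured_host):
        return "allow"  # same host, possibly a different port
    return "reject"  # redirect to a host the operator never configured


def classify_all(lines, configured_host):
    """Apply check_line to every line and return the verdicts in order."""
    return [check_line(line, configured_host) for line in lines]


if __name__ == "__main__":
    for line, verdict in zip(SAMPLE_LINES,
                             classify_all(SAMPLE_LINES, "pool.example.com")):
        print(f"{verdict:6} {line}")
```

This policy is an assumption of the example; it limits where an injected client.reconnect can send a miner, and it does not replace certificate validation against an attacker who is in the path at connection time.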


Updated on: 2023-06-09T01:58:15.842327+00:00