Thomas Kluyver takowl at gmail.com
Fri Aug 1 21:20:42 EDT 2014

On 1 August 2014 15:47, Julian Taylor <jtaylor.debian at googlemail.com> wrote:

> In this case if someone is able to do a MITM and controls one of the
> domains that share the certificate with mathjax that person would be
> able to redirect the request to mathjax.org to his domain and serve any
> file. The browser would accept this as the certificate is valid for the
> domain even though its a different one than the request was sent to.
> Or would the browser complain about the change in any case?
>

I have opened an issue on Mathjax to work out if this is possible. It's
probably most concerning for IPython, but if it's possible, it potentially