Https dns劫持
MITM: 中间人攻击
http://www.hack80.com/thread-19103-1-1.html
https://www.zhihu.com/question/22795329
Https攻击
Https协议 http://blog.csdn.net/hherima/article/details/52469674
1. 攻击者篡改ca, 为不授信ca, 如果接收方确认继续, 则攻击成立
2. 如果客户端app关闭ca认证环节, 攻击者可以随意篡改ca, 建立通信
措施
Certificate Pinning: 证书锁定
HPKP: Http Public Key Pinning 公钥固定
https://linux.cn/article-5282-1.html
https://www.yryz.net/post/http-public-key-pins.html
HSTS: HTTP Strict-Transport-Security
https://www.jianshu.com/p/caa80c7ad45c