""'
Attackers who are in a position to monitor traffic passing between vulnerable end users and servers can inject malicious packets into the flow that will cause the two parties to use a weak 512-bit encryption key while negotiating encrypted Web sessions. Attackers can then collect some of the resulting exchange and use cloud-based computing from Amazon or other services to factor the website's underlying private key. From that point on, attackers on a coffee-shop hotspot or other unsecured network can masquerade as the official website, a coup that allows them to read or even modify data as it passes between the site and the end user.
"""
une belle attaque MITM en règle.. qui ne serait pas possible si les serveurs web (dont celui de nsa.gov) n'utilisaient pas des ciphersuites antédiluviennes. https://imirhil.fr/tls/

big up à l'équipe de chercheurs de l'INRIA Paris-Rocquencourt pour ces trouvailles.