ssl, diffie-hellman, man-in-the-middle

Possibility of Man in the Middle Attack during TLS handshake


I have read through the previous discussion on the same topic here, here and a few other places. While I understand that during the course of TLS communication, a MiTM is not quite possible, what are the chances of a MiTM attack during the TLS handshake?

I realize that the TLS client hello, server hello and the following packets sent before establishing the key cannot be encrypted. For establishing the key, TLS uses the Diffie-Hellman protocol. So will the traditional Man in the Middle attack still work here?


Solution

  • High level view: At the end of the handshake a signature is done covering the whole handshake. This signature implicitly includes that only the server knows the private key of the certificate. Thus the signature cannot be faked by a man-in-the-middle as long as the certificate was properly validated by the client.

    If you need a more detailed view on how this process really works you will find lots of information on the internet.
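A simplified model of the signed handshake described in the answer above, added here as an illustration and not part of the original answer. It assumes textbook RSA and a toy Diffie-Hellman group in place of real TLS messages and certificates; all names (`client_accepts`, `SERVER`, `ATTACKER`) are hypothetical.

```python
import hashlib
import secrets

# Toy parameters constructed for this demo; far too weak for real use.
P, G, E = 2**521 - 1, 3, 65537  # DH modulus (Mersenne prime), generator, RSA exponent

def rsa_key(p, q):
    """Textbook RSA key (n, d) from two primes; stands in for the certificate key."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(transcript, n):
    return int.from_bytes(hashlib.sha256(transcript).digest(), "big") % n

def sign(transcript, key):
    n, d = key
    return pow(digest(transcript, n), d, n)

def verify(transcript, sig, n):
    return pow(sig, E, n) == digest(transcript, n)

def transcript(client_share, server_share):
    """The handshake as one party saw it: both DH public values."""
    return b"%x|%x" % (client_share, server_share)

SERVER = rsa_key(2**107 - 1, 2**127 - 1)    # key bound to the server certificate
ATTACKER = rsa_key(2**61 - 1, 2**89 - 1)    # the only private key the attacker holds

def client_accepts(mitm=False, attacker_resigns=False, trusted_n=SERVER[0]):
    """Run one handshake; return True if the client accepts the signature."""
    a, b, m = (secrets.randbelow(P - 3) + 2 for _ in range(3))
    client_share, server_share, fake_share = pow(G, a, P), pow(G, b, P), pow(G, m, P)
    # An on-path attacker replaces the DH share in each direction with its own.
    to_server = fake_share if mitm else client_share
    to_client = fake_share if mitm else server_share
    # The server signs the handshake as *it* saw it.
    sig = sign(transcript(to_server, server_share), SERVER)
    if attacker_resigns:
        # The attacker can only produce a signature under its own key.
        sig = sign(transcript(client_share, to_client), ATTACKER)
    # The client verifies over the handshake as *it* saw it, with the key it trusts.
    return verify(transcript(client_share, to_client), sig, trusted_n)
```

The final case in the model, `trusted_n=ATTACKER[0]`, corresponds to a client that skipped certificate validation: it is the only configuration in which the tampered handshake is accepted.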