summaryrefslogtreecommitdiffstats
path: root/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment
diff options
context:
space:
mode:
Diffstat (limited to 'tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment')
-rw-r--r--tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment8
1 files changed, 8 insertions, 0 deletions
diff --git a/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment b/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment
new file mode 100644
index 0000000..c665ac7
--- /dev/null
+++ b/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="guilhem"
+ avatar="http://cdn.libravatar.org/avatar/86d6cb4bde1ef88730b14ccad0414c28"
+ subject="comment 1"
+ date="2015-06-05T15:52:00Z"
+ content="""
+I'm all for ubiquitous encryption, but note that without TLSA records and DNSSEC, any MX is trivially vulnerable to downgrade attacks: an adversary sitting in the middle can easily strip the STARTTLS EHLO/HELO response, and force the communication to happen in the clear :-P
+"""]]
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-29 18:16:09 +0000