From 38f40ed92976da590bf98df857cb6ced0d084d0d Mon Sep 17 00:00:00 2001
From: guilhem <guilhem@web>
Date: Fri, 5 Jun 2015 17:52:00 +0200
Subject: Added a comment

---
 .../comment_1_96728869b78cedfd11594828615e5079._comment           | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment

(limited to 'tracker')

diff --git a/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment b/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment
new file mode 100644
index 0000000..c665ac7
--- /dev/null
+++ b/tracker/Poor_score_on_starttls.info/comment_1_96728869b78cedfd11594828615e5079._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="guilhem"
+ avatar="http://cdn.libravatar.org/avatar/86d6cb4bde1ef88730b14ccad0414c28"
+ subject="comment 1"
+ date="2015-06-05T15:52:00Z"
+ content="""
+I'm all for ubiquitous encryption, but note that without TLSA records and DNSSEC, any MX is trivially vulnerable to downgrade attacks: an adversary sitting in the middle can easily strip the STARTTLS EHLO/HELO response, and force the communication to happen in the clear :-P
+"""]]
-- 
cgit v1.2.3