1 |
On Wed, 23 Aug 2017 11:46:02 +0300 |
2 |
Andrew Savchenko <bircoph@g.o> wrote: |
3 |
|
4 |
> Sigh... https also makes MITM attacks possible, especially if SSL |
5 |
> or TLS < 1.2 is used or are allowed and protocol version downgrade |
6 |
> attack may be performed. |
7 |
|
8 |
None of that is true. |
9 |
|
10 |
You're probably referring to attacks that were specific to certain |
11 |
browser weaknesses, but they're irrelevant for this use case. |
12 |
|
13 |
-- |
14 |
Hanno Böck |
15 |
https://hboeck.de/ |
16 |
|
17 |
mail/jabber: hanno@××××××.de |
18 |
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 |