| 1 |
On Wed, 23 Aug 2017 11:46:02 +0300 |
| 2 |
Andrew Savchenko <bircoph@g.o> wrote: |
| 3 |
|
| 4 |
> Sigh... https also makes MITM attacks possible, especially if SSL |
| 5 |
> or TLS < 1.2 is used or are allowed and protocol version downgrade |
| 6 |
> attack may be performed. |
| 7 |
|
| 8 |
None of that is true. |
| 9 |
|
| 10 |
You're probably referring to attacks that were specific to certain |
| 11 |
browser weaknesses, but they're irrelevant for this use case. |
| 12 |
|
| 13 |
-- |
| 14 |
Hanno Böck |
| 15 |
https://hboeck.de/ |
| 16 |
|
| 17 |
mail/jabber: hanno@××××××.de |
| 18 |
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 |
Archives