This DNS over HTTP thing

Jan Philippi jan at philippi.pw
Wed Oct 2 10:01:14 UTC 2019


The thing is: People were conditioned for years to look for the padlock,
because padlock means secure.

How will we ever get this out of their minds..

Jan

SMTP: jan at philippi.pw
XMPP: jan at himbeere.pw
GPG: 45F3 2DF0 4D55 C4B4 2083  14C5 5727 D54F *E4E2 2A3C*

On 02.10.19 at 11:45, Valdis Klētnieks wrote:
> On Wed, 02 Oct 2019 01:55:13 -0600, "Keith Medcalf" said:
> 
>> It is a common fallacy that TLS connections are authenticated.  The vast
>> majority of them are not authenticated in any meaningful fashion and all that
>> can be said about TLS is that it provides an encrypted connection between the
>> two communicating applications.  This is perhaps why it is called *transport*
>> layer security ...
> 
> Another major disconnect is that TLS validates the hostname that the browser
> decided to connect to, not the host you thought you were connecting to..
> 
> The end result is that if a phish directs you to nan0g.org, it can still show a
> padlock and the user is none the wiser....
> 
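
The nan0g.org point quoted above, as an added example that is not part of the original messages: certificate name matching succeeds for a lookalike host, so a separate comparison against the domains the user meant to visit is what flags it. The SAN lists, the known-good set, the confusable map and all function names are constructed assumptions.

```python
# Constructed sample data (assumptions, not taken from any real certificate).
KNOWN_GOOD = {"nanog.org"}          # domains the user intends to visit
CERT_SANS = {                       # host -> SAN entries of the cert served there
    "nanog.org": ["nanog.org", "*.nanog.org"],
    "nan0g.org": ["nan0g.org"],     # lookalike holding its own valid cert
}
# Small confusable map; a production check would use a fuller table.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def san_matches(hostname, pattern):
    """Simplified certificate name match: wildcard covers exactly one leftmost label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        return len(host) > 2 and host[1:] == pat[1:]
    return host == pat


def tls_name_check(hostname):
    """What the padlock reflects: the cert names the host actually connected to."""
    return any(san_matches(hostname, p) for p in CERT_SANS.get(hostname, []))


def skeleton(domain):
    """Fold visually confusable characters so lookalikes collapse to one form."""
    folded = domain.lower().rstrip(".").translate(CONFUSABLES)
    return folded.replace("rn", "m").replace("vv", "w")


def lookalike_of(hostname):
    """Return the known-good domain this host imitates, or None."""
    labels = hostname.lower().rstrip(".").split(".")
    for good in KNOWN_GOOD:
        candidate = ".".join(labels[-(good.count(".") + 1):])
        if candidate != good and skeleton(candidate) == skeleton(good):
            return good
    return None


def assess(hostname):
    return {"padlock": tls_name_check(hostname), "imitates": lookalike_of(hostname)}


if __name__ == "__main__":
    for h in ("nanog.org", "nan0g.org"):
        print(h, assess(h))
```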
