-
[HTTP Public Key Pinning (HPKP)](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning) ([OWASP guide](https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning)), defined …
-
# Problem/Motivation
I need to add the MAIL_VERIFY_SLL option:
Source: https://www.bookstackapp.com/docs/admin/email-webhooks/
```
# Verify SSL/TLS certificates during SMTP sending
# WARNIN…
-
Add a way for home-server operators to promise in the /key responses that they won't lose the private keys for their HS.
Then other HSes that have observed that key won't accept a different key for t…
-
What 'provided bundle file' ? There has not been any mention of a bundle file, let alone seeing it 'provided' by anyone or anything.
Good grief, what a PITA this whole DANE thing is to set up. Am I…
-
I think is necessary to add the possibility to verify the signal contact to be sure that there is no MITM attacks.
-
Certificate pinning: We currently rely on android to verify the server tls certificate. This can in theory allow mitm-attacks!
-
Does the project implement the applet part?
-
If you proof your website and its over https include the fingerprint of the certificate in the proof.
Imo this strengthen the proof and prevents MITM-attacks.
enko updated
10 years ago
-
I am reaching out to explore a potential similarity I noticed in packet handling between SSH-MITM and the Terrapin Attack, as highlighted in the discussion of Pull Request [#163](https://github.com/ss…
-
Hi, I have tried to run DHALSIM for 3 of the provided examples (WADI, Anytown and Ky3) and I have run into problem with the WNTR simulation not converging after 2999 iterations or with issues by reque…