Forums before death by AOL, social media and spammers... "We can't have nice things"
| alt.os.development | Operating system development chatter | 4,255 messages |
[ << oldest | < older | list | newer > | newest >> ]
| Message 2,342 of 4,255 |
| mutazilah@gmail.com to Elijah Stone |
| Re: TLS 1.0 |
| 19 Jun 21 23:34:05 |
From: muta...@gmail.com On Sunday, June 20, 2021 at 4:17:51 PM UTC+10, Elijah Stone wrote: > On Sat, 19 Jun 2021, muta...@gmail.com wrote: > >> There are very sound reasons to disallow the use of TLS 1.0 entirely. > >> Namely: downgrade attacks. There is no conspiracy. > > > > What downgrade attack are you talking about when a browser is used > > internally within a company? > A browser has no way of distinguishing a corporate-internal website and a > public one. Can't that be done at the corporation level - convert external traffic into TLS 1.2 using Squid? If it can be done, then shouldn't the browser give people the option to turn on TLS 1.0 because the company is protecting them? Thanks. Paul. --- SoupGate-Win32 v1.05 * Origin: you cannot sedate... all the things you hate (1:229/2) |
(c) 1994, bbs@darkrealms.ca