[Cryptography] Debunking the "SMTP TLS "s a mess" myth.
Phillip Hallam-Baker
phill at hallambaker.com
Tue Oct 4 14:10:03 EDT 2016
The way to improve upon STARTTLS isn't actually to use DANE.
It would be to develop an infrastructure in which the active attacker
doesn't know if their attack is going to be detected or not until after
they have committed.
Something like 'pinning with fangs'.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161004/c3c2f61c/attachment.html>
More information about the cryptography
mailing list