Y
Hacker News
new
|
ask
|
show
|
jobs
by
michaelt
3601 days ago
I've seen quite a bit of criticism of it for mail servers [1] because an attacker can simply block the 'STARTTLS' message and (many) clients will silently accept that.
[1]
https://www.agwa.name/blog/post/starttls_considered_harmful