[dxdm]

> The attacker HTTPS contemplates controls whether victims see SYN+ACK packets in response to their 80/tcp SYNs.

This informationally dense and adventurously worded sentence is the kind that you can only understand if you already understand it, it feels like. I certainly can't unpack it without getting my hiking gear on. Not this rainy morning, though, may the transport layer gods forgive me.

[vluft]

if an attacker is in the position to try to MITM TLS, they're in the position to just serve whatever they want on port 80 even if your server isn't doing that.

[tptacek]

They can't all be winners!

[dxdm]

Thanks for sending them on their way regardless. It does tend to move things forward.

[tptacek]

Like a good dose of dietary fiber.