[Ach] Idea: catching old clients with sni
adi at kriegisch.at
Tue Nov 12 23:18:55 CET 2013
> On 12.11.2013, at 16:51, Adi Kriegisch <adi at kriegisch.at> wrote:
> > I think this could be a hint for site operators still caring for users of
> > very old browsers. What do you think? Is this worth a hint in our paper?
> Site operators could even disable login forms or other means where users submit data in an unsecure way on that fallback host to protect users while suggesting an incentive to upgrade their browsers. (Or to bug the IT department to do so.)
Absolutely. But these changes require modifications on application level
and this is not feasible in many situations. (or worse: introduce
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 827 bytes
Desc: Digital signature
More information about the Ach