[Ach] filippo on SSL SMTP encryption

Aaron Zauner azet at azet.org
Wed Apr 1 20:32:35 CEST 2015


* Jeroen Massar <jeroen at massar.ch> [01/04/2015 20:13:36] wrote:
> > I don't think you get the full picture here. Such an adversary has a
> > /very/ high interest in his work being undetected. If they were to
> > massively DoS popular websites by injecting fake headers, that would be
> > noticed immediately. They also can't use these attacks to gain information.
> 
> You mean like: http://netres.ec/?b=153DB4E ? :)

So you're suggesting what exactly? That China may inject
ingress/egress traffic with false HPKP/HSTS header information?
Possible, but that would be noticed immediately and they'll only DoS
Chinese users of foreign services. They have far better techniques to
keep people out of western services which they do not like.

Aaron