Git/email-toolbox-wiki
1
0
Fork 0
mirror of https://github.com/internetstandards/toolbox-wiki.git synced 2024-11-22 11:01:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update DANE-for-SMTP-how-to.md

Browse Source
This commit is contained in:
Dennis Baaten 2019-07-31 23:35:18 +02:00 committed by GitHub
parent d8efebcbef
commit 53a1c70e78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
DANE-for-SMTP-how-to.md
View File

@ -78,7 +78,7 @@ The illustration below shows two TLS capable e-mail servers without using DANE.
The illustration below shows what happens when an attacker performs a man in the middle (MITM) attack and inserts its own certificate into the connection process. The illustration below shows what happens when an attacker performs a man in the middle (MITM) attack and inserts its own certificate into the connection process.
![](dane-example-1-evilcert.png) ![](dane-example-1-evilcert.png)
### Mail delivery: TLS with MITM using evil certificate ### Mail delivery: TLS with MITM stripping TLS
The illustration below shows what happens when an attacker performs a man in the middle (MITM) attack and forces an unsecure connection by stripping the TLS capability from the receiving e-mail server. The illustration below shows what happens when an attacker performs a man in the middle (MITM) attack and forces an unsecure connection by stripping the TLS capability from the receiving e-mail server.
![](dane-example-1-striptls.png) ![](dane-example-1-striptls.png)