Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'THIS IS NOT SECURE.' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
THIS IS NOT SECURE.
Authored by: verbal on Mar 12, '04 02:17:36PM

It still does not do proper certificate validation even with these options set. It will perform the basic set of validation checks (make sure the cert is not expired, CRL checking, etc.); however, it will not do hostname verification checks, so you can still be man-in-the-middled. You are also responsible for obtaining the appropriate CRLs yourself and telling stunnel where to find them.



[ Reply to This | # ]