]> ruderich.org/simon Gitweb - tlsproxy/tlsproxy.git/commitdiff
README: Improve -u description.
authorSimon Ruderich <simon@ruderich.org>
Wed, 16 Mar 2011 13:25:45 +0000 (14:25 +0100)
committerSimon Ruderich <simon@ruderich.org>
Wed, 16 Mar 2011 13:25:45 +0000 (14:25 +0100)
README

diff --git a/README b/README
index 444bec794b59e0573ac4b69f8bc13cc26c665aa5..0178e5c8f97a7caff3f3041cb50e4751ac10bc52 100644 (file)
--- a/README
+++ b/README
@@ -84,3 +84,7 @@ link on a different site) then the proxy just forwards the TLS connection
 (because it doesn't know the fingerprint for https://www.example.org/, that's
 how '-u' works) and you won't be aware that a different server certificate
 might be used!
+
+If you always verify the authentication of the connection this isn't a
+problem, but if you only check if it's a HTTPS connection then this attack is
+possible.