From: Simon Ruderich <simon@ruderich.org>
Date: Wed, 16 Mar 2011 13:25:45 +0000 (+0100)
Subject: README: Improve -u description.
X-Git-Tag: 0.2~10
X-Git-Url: https://ruderich.org/simon/gitweb/?p=tlsproxy%2Ftlsproxy.git;a=commitdiff_plain;h=6e568e11dd479576d27dc74a0f77cbc81dd5f766

README: Improve -u description.
---

diff --git a/README b/README
index 444bec7..0178e5c 100644
--- a/README
+++ b/README
@@ -84,3 +84,7 @@ link on a different site) then the proxy just forwards the TLS connection
 (because it doesn't know the fingerprint for https://www.example.org/, that's
 how '-u' works) and you won't be aware that a different server certificate
 might be used!
+
+If you always verify the authentication of the connection this isn't a
+problem, but if you only check if it's a HTTPS connection then this attack is
+possible.