Verified Commit 2a249c89 authored by Steve Kerrison's avatar Steve Kerrison
Browse files

Chore: A little extra TL;DR and a formatting tweak

parent e813b096
......@@ -27,6 +27,11 @@ Summarising what happens:
3. The service establishes trust in the identities claimed by the client ✔️
4. The client **does not** establish trust in the certificates its given ❌
To see the evidence, you can jump straight to this articles [survey][#a-survey]
of clients. To see how to deal with it, here's a [proposed
to one such client.
### So what?
This means that the certificates we get from the likes of Let's Encrypt aren't
......@@ -376,9 +381,8 @@ certificates.
Standards be damned, there's nothing stopping clients from offering "hardened"
modes where some of these checks are performed now. In fact, the author has
[forked ``]( to provide [an
example of such
[forked ``]( to provide
[an example of such hardening](
The modification performs the following:
- Verifies the issued certificate and chain against the system's trust store,
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment