Author: Gregory Maxwell 2014-08-19 16:38:21
Published on: 2014-08-19T16:38:21+00:00
In an email from 2014, Justus Ranvier suggested using TLS with self-signed certificates to improve security, however, another individual responded with concerns over the use of TLS. The responder stated that TLS is a large and complex attack surface that requires an additional dependency with difficult to audit code. Additionally, TLS is easily susceptible to DOS attacks and has had multiple vulnerabilities in major implementations in recent years. Despite the suggestion to use TLS, the responder notes that avoiding its use has prevented emergency scale vulnerabilities.
Updated on: 2023-05-19T19:16:07.337232+00:00