Timeline for Tactics to ensure payload has not been modified
Current License: CC BY-SA 4.0
Post Revisions
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 22, 2021 at 13:52 | vote | accept | user1709076 | ||
| Jun 7, 2021 at 22:35 | answer | added | sau_t | timeline score: 1 | |
| Jun 7, 2021 at 14:37 | comment | added | schroeder♦ | If the endpoint is compromised, (as with a keylogger) then your responsibility ends as a service provider. Any tactic you use can be defeated on the endpoint. | |
| Jun 7, 2021 at 14:35 | history | edited | schroeder♦ | CC BY-SA 4.0 |
deleted 10 characters in body
|
| Jun 7, 2021 at 14:25 | comment | added | Steffen Ullrich | "... the payload has not been tampered with ..." - tampered by what? Everything between client and server can be secured with TLS. Everything at the server or at the client (i.e. compromised, malicious extension, broken server code) is out of control of TLS and need to be addressed differently. There is no way to be sure what the user entered without actually watching the user. | |
| Jun 7, 2021 at 14:15 | answer | added | mti2935 | timeline score: 1 | |
| Jun 7, 2021 at 14:11 | history | asked | user1709076 | CC BY-SA 4.0 |