Konstantin Weddige on Nostr: Have you ever wondered what it means when you get an email that is encrypted but not ...
Have you ever wondered what it means when you get an email that is encrypted but not signed? At the very least, it's better than being completely unencrypted, isn't it?
It turns out that's not necessarily the case. I've looked at S/MIME and found that it is possible to construct messages that, when sent to multiple recipients, are decrypted into completely different messages:
https://lutrasecurity.com/en/articles/salamander-mime/
#SMIME #SalamanderMIME #infosec
It turns out that's not necessarily the case. I've looked at S/MIME and found that it is possible to construct messages that, when sent to multiple recipients, are decrypted into completely different messages:
https://lutrasecurity.com/en/articles/salamander-mime/
#SMIME #SalamanderMIME #infosec