author image

Jean-Baptiste Lanel

2 Posts by this author
post-thumb

CNAME - The hidden security risk in your DNS zone

Domain Name System (DNS) records are fundamental to how the internet works, translating human-readable domain names into machine-readable IP addresses. Among these records, the CNAME (standing for Canonical Name) record is the most commonly used for delegating a website to a third-party provider. However, this seemingly simple delegation mechanism harbors significant security implications that are often overlooked.

Read more
post-thumb

Why TLS if not confidential ?

It occurred to me more than once, that when I suggested that a URL should better be served in HTTPS, I have been replied that there was no need for that because that URL didn’t host any confidential data. The data is not confidential, OK, but still critical, as an alteration of the hosted data may result in serious damage in the consumer data security. And, precisely, TLS does not only grant confidentiality in the data transmission, but also authenticity and integrity. I may not expect you to do it, but if you really want, here is the RFC 5246 . As you’ve guessed already, I won’t talk about confidentiality in this note.

Read more