Why TLS if not confidential ?
Jean-Baptiste Lanel- 3 Min To Read
- 19 Jun, 2017
It occurred to me more than once, that when I suggested that a URL should better be served in HTTPS, I have been replied that there was no need for that because that URL didn’t host any confidential data. The data is not confidential, OK, but still critical, as an alteration of the hosted data may result in serious damage in the consumer data security. And, precisely, TLS does not only grant confidentiality in the data transmission, but also authenticity and integrity. I may not expect you to do it, but if you really want, here is the RFC 5246 . As you’ve guessed already, I won’t talk about confidentiality in this note.
Read more Details