Am 23.04.2014 23:52, schrieb Andreas Schulze: > Reindl Harald: > >> that attacks are not relevant for email because they >> rely on the way a webbrowser works which is not the >> case for a mail client - you can't trigger XSS and >> Ajax in a MUA > > sure, that may be right, but > > We manage numerous public available services. And every time > we go through our Qualys reports
https://www.ssllabs.com/ssltest/ just don't alow anything other than https and port 443 - what reports are you speaking about? > I have to explain this message from Qualys as not > relevant/harmless/cannot change so what - which fools are allowed to audit you while have no clue what they are talking about?
signature.asc
Description: OpenPGP digital signature
