Hi Sophie, > On 15 Feb 2016, at 09:49, Sophie Hamilton <[email protected]> wrote: > > Hi, > > I'm using Blink 1.4.2 on Windows 7. > > I'm setting up an Asterisk server with TLS/SRTP (using a server certificate > issued from a self-signed CA) and have noticed that when setting up the > account in Blink with the appropriate settings and registering, it does not > verify the server at all, even though the "Verify server" checkbox is ticked. > I can even go so far as to generate an entirely different CA and tell Blink > to consider that as the certificate authority, and it will still register > successfully. > > I'm very concerned about this, as it opens up the possibility for a > man-in-the-middle attack. Is there anything I'm doing wrong or is this a bug > in Blink? >
Hum, looks like something is wrong indeed. Thanks for letting us now, we’ll take care of this ASAP. Regards, -- Saúl Ibarra Corretgé AG Projects
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Blink mailing list [email protected] http://lists.ag-projects.com/mailman/listinfo/blink
