From f6fbf8e58e9fc135f7a689a381c3061049cef289 Mon Sep 17 00:00:00 2001 From: sergeych Date: Sat, 10 Aug 2024 11:39:37 +0200 Subject: [PATCH] readme fixes --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 6efe369..a56d6fc 100644 --- a/README.md +++ b/README.md @@ -181,7 +181,7 @@ This is a common proactive to create a business logic in a `KiloInterface`, then We do not recommend to rely on TLS (HTTPS://, WSS://) host identification solely, in the modern world there is a high probability of attacks on unfriendly (in respect to at least some of your users) states to the SSL certificates -chain, in which case the MITM and spoofing will be undetected. Check the [remoteId](https://code.sergeych.net/docs/kiloparsec/kiloparsec/net.sergeych.kiloparsec/-kilo-client/remote-id.html?query=suspend%20fun%20remoteId():%20VerifyingPublicKey?) in your client on each connection and provide the safe [serverSecretKey](https://code.sergeych.net/docs/kiloparsec/kiloparsec/net.sergeych.kiloparsec/-kilo-server/index.html?query=class%20KiloServer%3CS%3E(clientInterface:%20KiloInterface%3CS%3E,%20connections:%20Flow%3CInetTransportDevice%3E,%20serverSecretKey:%20SigningKey?%20=%20null,%20sessionBuilder:%20()%20-%3E%20S) when creating a server. +chain, in which case the MITM and spoofing will be undetected. Check the [remoteId](https://code.sergeych.net/docs/kiloparsec/kiloparsec/net.sergeych.kiloparsec/-kilo-client/remote-id.html?query=suspend%20fun%20remoteId():%20VerifyingPublicKey?) in your client on each connection and provide the safe [serverSecretKey](https://code.sergeych.net/docs/kiloparsec/kiloparsec/net.sergeych.kiloparsec/-kilo-server/index.html) when creating a server. This will effectively protetcs against certificate chain spoofing in the case of the application installed from the trusted source.