moparisthebest
/
mail
mirror of https://github.com/moparisthebest/mail
1
0
Fork 0
Code Issues Releases Wiki Activity

update security in readme

This commit is contained in:
Tankred Hase 2014-01-16 11:50:13 +01:00
parent 2ae0f2e475
commit 096b61bfbd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -5,7 +5,7 @@ Whiteout Mail is a mail client with full IMAP, SMTP, TLS and OpenPGP support wri
### Security and Privacy
* The client talks directly via IMAP/SMTP to your mail server. Your data and your private PGP key are stored encrypted on your computer and are never sent to our our servers.
* We take the privacy of your data very seriously. The client talks directly via IMAP/SMTP to your mail server. Your data and your private PGP key are stored encrypted on your computer and are never sent to our our servers.
* The app is deployed as an auditable packaged app with static versions in order to prevent [problems with host-based security](http://tonyarcieri.com/whats-wrong-with-webcrypto).
* [Content Securit Policy (CSP)](http://www.html5rocks.com/en/tutorials/security/content-security-policy/) is enforced to prevent against injection attacks.
* Mail server SSL certificates are pinned under [`src/ca/`](https://github.com/whiteout-io/mail-html5/tree/master/src/ca) in order to protect against SSL stripping and other man in the middle attacks.