mirror of https://github.com/moparisthebest/mail
update security in readme
This commit is contained in:
parent
2ae0f2e475
commit
096b61bfbd
|
@ -5,7 +5,7 @@ Whiteout Mail is a mail client with full IMAP, SMTP, TLS and OpenPGP support wri
|
|||
|
||||
### Security and Privacy
|
||||
|
||||
* The client talks directly via IMAP/SMTP to your mail server. Your data and your private PGP key are stored encrypted on your computer and are never sent to our our servers.
|
||||
* We take the privacy of your data very seriously. The client talks directly via IMAP/SMTP to your mail server. Your data and your private PGP key are stored encrypted on your computer and are never sent to our our servers.
|
||||
* The app is deployed as an auditable packaged app with static versions in order to prevent [problems with host-based security](http://tonyarcieri.com/whats-wrong-with-webcrypto).
|
||||
* [Content Securit Policy (CSP)](http://www.html5rocks.com/en/tutorials/security/content-security-policy/) is enforced to prevent against injection attacks.
|
||||
* Mail server SSL certificates are pinned under [`src/ca/`](https://github.com/whiteout-io/mail-html5/tree/master/src/ca) in order to protect against SSL stripping and other man in the middle attacks.
|
||||
|
|
Loading…
Reference in New Issue