- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
STS (Secure Time Seeding) uses server time from SSL handshakes, which is fine when talking to other Microsoft servers, but other implementations put random data in that field to prevent fingerprinting.
I’ve read the stuff on STS and my first thought was: How can anyone be so stupid to try such a loony concept and still be able to create a working piece of code?