
## Review

A dedicated reviewer checked the rule description successfully for:

- [x] logical errors and incorrect information
- [x] information gaps and missing content
- [x] text style and tone
- [x] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com>
15 lines
715 B
Plaintext
Transport Layer Security (TLS) provides secure communication between systems
over the internet by encrypting the data sent between them. In this process,
the role of hostname validation, combined with certificate validation, is to
ensure that a system is indeed the one it claims to be, adding an extra layer
of trust and security.

When hostname validation is disabled, the client skips this critical check.
This creates an opportunity for attackers to pose as a trusted entity and
intercept, manipulate, or steal the data being transmitted.

To do so, an attacker would obtain a valid certificate
authenticating `example.com` and serve it using a different hostname;
the application code would still accept it.
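The decision described above, modelled with Python's `ssl` module as an added example that is not part of the rule text. The certificate dictionary, the hostname `shop.test` and the helper names are constructed for illustration, and `dns_name_matches` is a simplified stand-in for the comparison the TLS library performs.

```python
import ssl

# Constructed certificate in the shape returned by SSLSocket.getpeercert():
# valid and CA-issued, but only for example.com.
CERT = {"subjectAltName": (("DNS", "example.com"), ("DNS", "*.example.com"))}

def strict_context() -> ssl.SSLContext:
    """Library defaults: chain validation and hostname validation are both on."""
    return ssl.create_default_context()

def weak_context() -> ssl.SSLContext:
    """The weak setting: the chain is still verified, the name is not."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    return ctx

def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Simplified dNSName comparison: a wildcard may only be the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return p[1:] == h[1:]
    return p == h

def certificate_covers(cert: dict, hostname: str) -> bool:
    """True if any DNS subjectAltName entry matches the requested host."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    return any(dns_name_matches(n, hostname) for n in names)

def client_accepts(ctx: ssl.SSLContext, cert: dict, hostname: str) -> bool:
    """Model of the client's decision once the certificate chain has validated."""
    if not ctx.check_hostname:
        return True  # the name on the certificate is never compared
    return certificate_covers(cert, hostname)

if __name__ == "__main__":
    for host in ("example.com", "shop.test"):  # shop.test is a made-up name
        print(host, "strict:", client_accepts(strict_context(), CERT, host),
              "weak:", client_accepts(weak_context(), CERT, host))
```

With hostname validation left on, the `example.com` certificate is rejected for any other requested name; with `check_hostname = False`, chain validation alone decides and the mismatch goes unnoticed.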