diff --git a/content/2018/10/tls-client-authentication-leaks-user.html b/content/2018/10/tls-client-authentication-leaks-user.html index 4305d2a..96acd0a 100644 --- a/content/2018/10/tls-client-authentication-leaks-user.html +++ b/content/2018/10/tls-client-authentication-leaks-user.html @@ -66,7 +66,7 @@ packets (the answer!). I loaded the packet capture into wireshark, applied the SSL protocol analysis and confirmed that the client certificate was present in clear text: -![Wireshark shows TLS handshake with client authentication, with the client certificate displayed in plaintext.]([[!!images/tls.packet.capture.screenshot.png]]) +[![Wireshark shows TLS handshake with client authentication, with the client certificate displayed in plaintext.]([[!!images/tls.packet.capture.screenshot.png]])]({{ media_url('images/tls.packet.capture.screenshot.png') }}) So, there you have it. Do not use client authentication, pre-TLS 1.3, if you care about the privacy of your users.