|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
From: obfuscation@beta.freedom.net
Message-Id: <200011162255.OAA19650@blacklodge.c2.net>
Date: Thu, 16 Nov 2000 14:54:46 -0800
Old-From: obfuscation@beta.freedom.net
To: bram@gawth.com, rah@shipwright.com
Cc: cryptography@c2.net, cypherpunks@cyberpass.net, dbs@philodox.com,
dcsb@ai.mit.edu
Bram Cohen writes:
> In the vast majority of cases, preventing man in the middle attacks is a
> waste of time.
In the sense that, in the vast majority of communications, there is no
man in the middle attack being mounted?
Couldn't the same thing be said of cryptography, since in the vast
majority of cases there is no eavesdropping?
The point in both cases is that if you construct a protocol which has
weaknesses, eventually people may begin to exploit them. Building a
supposedly secure crypto protocol which is weak against a man in the
middle attack is an invitation to trouble. If you had reason to use
cryptography in the first place, you have reason to fear a man in the
middle attack. Designing against that threat is not a waste of time,
it is insurance against future troubles.
Ob
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |