[32500] in North American Network Operators' Group
Re: Carnivore Update - Washington Post 11/21/00
daemon@ATHENA.MIT.EDU (Shawn McMahon)
Thu Nov 23 22:52:56 2000
Date: Thu, 23 Nov 2000 22:49:39 -0500
From: Shawn McMahon <smcmahon@eiv.com>
To: nanog@merit.edu
Message-ID: <20001123224939.A10453@eiv.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="sm4nu43k4a2Rpi4c"
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.04.10011231902530.9558-100000@kitty.kotovnik.com>; from avg@kotovnik.com on Thu, Nov 23, 2000 at 07:16:49PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
--sm4nu43k4a2Rpi4c
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Nov 23, 2000 at 07:16:49PM -0800, Vadim Antonov wrote:
>=20
> useful certificate validation support. How many users actually check that
> site certificate indeed belongs to whoever is identified as the site owner
> on the Web pages?
Not relevant; presumably one would have accessed one's web mail at some
point in the past, before Carnivore was installed at one's ISP.
If so, the certificate will have been obtained long ago.
> commercial entity. Of course, i have no proof that this happened, but I
> have no reason to trust that it didn't happen, too.)
It is a tremendous stretch to go from "we don't know" to "has no problem
decrypting". That's what I'm objecting to; the original statement was
not provable, and all I did was ask for the source.
So far I haven't gotten a source, I've gotten assertions that SSL is
weak (of course it is) with this somehow implying that Carnivore can
magically decrypt things immediately.
--sm4nu43k4a2Rpi4c
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6HeVTEcl9bQ0RMt0RAmQbAJoDsncYEpWQtrTOfhoZK+z6nRDiYACfcslr
l+JZlHPpWUtBFT1XHlVUJBU=
=7Za+
-----END PGP SIGNATURE-----
--sm4nu43k4a2Rpi4c--
