Eric Rescorla
Thu, 16 Oct 2003 07:33:07 -0700
Ian Grigg <[EMAIL PROTECTED]> writes:
> So to say that ITM is consensus is something
> that is going to have to be established.
Most comsec people I know subscribe to it. I don't
have a study to show it.
> In this case, the ITM was a) agreed upon after
> the fact to fill in the hole
I don't know what this means. If you'd asked a bunch of
comsec people what the appropriate threat model for SSL
was, they would have given you something very much
like SSL.
> > > (Actually, I'm not sure what SSH pops up, it's
> > > never popped up anything to me? Are you talking
> > > about a windows version?)
> > SSH in terminal mode says:
> >
> > "The authenticity of host 'hacker.stanford.edu (171.64.78.90)' can't be
> > established.
> > RSA key fingerprint is d3:a8:90:6a:e8:ef:fa:43:18:47:4c:02:ab:06:04:7f.
> > Are you sure you want to continue connecting (yes/no)? "
> >
> > I actually find the Firebird popup vastly more understandable
> > and helpful.
>
>
> I'm not sure I can make much of your point,
> as I've never heard of nor seen a Firebird?
What, you've never heard of Google?
Mozilla is effectively slimmed down Mozilla. The Mozilla dialog is
somewhat more aggressive.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]