David Schwartz wrote:

Hijacks and redirects are all within the scope of what a MITM can do.

That's a Humpty-Dumpty argument, not the definition used by cryptographers. You're simply confused, or are immune to education.

You want a simple definition of a MITM? Here it is -- you think you have:

Simple definitions are often wrong, as is yours.


server <-> MITM <-> client

        The MITM can do anything he wants from his position, including pass the
data unmolested, drop bytes, or change them in both directions. Hijacking
and redirection all occur on the wire between the server and the client, so
they're all within the scope of a MITM attack.

No, mounting a MITM attack requires that the client be _unable to detect it_. The MITM cannot correctly negotiate the SSLv3 handshake, and cannot change bits without being detected.

You had been describing a completely different attack, in which
the endpoint of the SSL channel is a hostile party.  Obviously,
this could turn out badly.

I'll repeat this -- SSLv3 was specifically designed to be proof
against MITM attack.  And it is.  You can snoop all you want,
you won't get the master shared secret and you won't be able
to change bits in either direction without detection.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
