> There is no law that says the MITM must pass any traffic to any particular > party.
Yes there is. The law of "definition of MITM" > If he can get plaintext out of A without sending anything ever to B, > then he has won and he's still a man in the middle. The key is that he can > intercept and control any traffic sent by one party to the protocol to any > other party to the protocol. Those are worthwhile things, but they are intercepting, hijacking, etc. They are not a MITM attack. Yes, if you find out about him, he's still an adversary, but he is no longer a MITM. /r$ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]