On 8 December 2013 19:25, Gregory Maxwell <gmaxw...@gmail.com> wrote:
> On Sun, Dec 8, 2013 at 11:16 AM, Drak <d...@zikula.org> wrote:
> > BGP redirection is a reality and can be exploited without much
>
> You're managing to argue against SSL. Because it actually provides
> basically protection against an attacker who can actively intercept
> traffic to the server. Against that threat model SSL is clearly— based
> on your comments— providing a false sense of security.
Let me clarify. SSL renders BGP redirection useless because the browser
holds the signatures of CA's it trusts: an attacker cannot spoof a
certificate because it needs to be signed by a trusted CA: that's the point
of SSL, it encrypts and proves identity, the latter part is what thwarts
MITM. If there was an MITM the browser screams pretty loudly about it with
a big threat warning interstitial.
Regards,
Drak
------------------------------------------------------------------------------
Sponsored by Intel(R) XDK
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
