Take many grains of salt before concluding that MITM attacks are either hard or don't happen.
It is just that the environment for them is not the Internet per se, but modern switched LANs. The basic trick to monitoring someone's LAN traffic is to convince the ARP machinery that the MITM MAC is associated with the target's IP address, and then to forward the intercepted traffic to the real MAC address. This sort of thing is also one approach to getting into wireless lans. So given switched LANs with wireless access points, (drive up access) I would not be surprised at a rise in MITM attacks, even with no crypto involved. -Larry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]