On Mon, Sep 19, 2011 at 9:42 AM, Marsh Ray <[email protected]> wrote: > > I love SSH and think it's a great protocol. But to be honest, we have to > admit that it would be far worse than SSL at the problem > no-prior-relationship ecommerce bootstrapping problem.
Yes, it probably is worse at that. That said, it did an amazing job at stopping all of the passive password sniffing that went on when it was first released. Our compromised accounts where I worked at the time went down insanely when we switched over to SSH for logins. People at the time weren't performing MiTM attacks, they were "just" sniffing, and SSH totally defeated that. Was it a failure because it didn't solve bootstrapping perfectly, it didn't have a perfect UI, etc? Nope, it wasn't. It was pretty upfront about the types of errors that could occur. - Andy _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
