On 29/04/2014 07:41 am, Ryan Carboni wrote:
> the only logical way to protect against man in the middle attacks would
> be perspectives (is that project abandoned?) or some sort of distributed
> certificate cache checking.
> 
> because that's the only use of certificates right?


Well.  Certificates define their MITM as being the sort they can protect
against, sure.

> to protect against man in the middle?

Certs don't defend against *the MITM*, they only defend against _their
MITM_.  Subtle difference, the MITM known as phishing is more or less
unprotected.

What to make of this?  Security economics:  there is zero point in
investing anything in a form of MITM that is known to be so rare as to be
statistically unmeasurable, even in unprotected environments, when there
is another form of MITM that has clocked up billions in measurable losses.

But jobs depend on that not being true, so it isn't.

iang

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
