>That's using a questionable measuring stick.
>The damages paid out in a civil suit may be very
>different (either higher, or lower) than the true
>cost of the misconduct.  Remember, the courts are
>not intended to be a remedy for all harms, nor could
>they ever be.  The courts shouldn't be a replacement
>for our independent judgement.

Let me quote what the (U.S.) 2nd Circuit Court of Appeals said in the
T.J. Hooper case (60 F.2d 737, 1932):

        Indeed in most cases reasonable prudence is in fact common prudence;
        but strictly it is never its measure; a whole calling may have unduly lagged
        in the adoption of new and available devices.
        It may never set its own tests, however persuasive be its usages.
        Courts must in the end say what is required; there are precautions
        so imperative that even their universal disregard will not
        excuse their omission....

        But here there was no custom at all as to receiving sets; some had
        them, some did not; the most that can be urged is that they had
        not yet become general.  Certainly in such a case we need not
        pause; when some have thought a device necessary, at least we may
        say that they were right, and the others too slack.

Given that there were published warnings of *practical* MITM attacks (my 
papers, Radia Perlman's dissertation on secure routing, Lawrence 
Joncheray's paper on TCP hijacking, etc.), I have no doubt whatsoever 
what a (U.S.) court would have ruled if there had ever been a real attack.  
Given that MITM attacks have happened, I have just about as little 
doubt that they would have been used to steal credit card numbers if 
SSL had no protection.  Look at it this way -- we've already had 
password-eavesdropping (vintage 1993), off-the-shelf TCP hijacking code 
(Dug Song's package), and moderate-scale hacked machines for credit 
card number and account number theft (Internet cafes in Japan, about a 
month ago -- I'm on the train, and don't have the precise citation 
handy.)  Given all that, do you doubt that the hackers would have 
combined the easily-available pieces into a MITM attack?  I don't.

The real issue in the original post seems to be the cost of a "trusted" 
certificate.  I submit that there are other ways to solve that problem 
than abandoning a very necessary protection.

                --Steve Bellovin, http://www.research.att.com/~smb (me)
                http://www.wilyhacker.com (2nd edition of "Firewalls" book)
