Kent Borg wrote:
Requiring them to take active measures in advance of the communication (MitM attacks) or even afterwards (human intervention) harms their economics *enormously*. Orders of magnitude.
What harm? The NSA has an effectively unlimited budget. The only real cost is time and that's short-circuited by knowing precisely where the weaknesses are in commercial-grade ciphers like RSA and AES.
If your foes include lesser organizations then maybe you are correct. It depends on what resources they have to bring to bear.
Let's make it harder. Yes, a web of trusted certificates is hard to make air tight. Okay, don't insist it be air tight. If end-to-end encryption started to became common, even on a hodge-podge of self-signed certificates, the howls of protest from the spies would become deafening: because it would make their task much, much harder.
Y'know... this was me 25 years ago. I was dismissed as a crackpot. The vindication is bitter-sweet. -- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
