On 12/11/2010 06:22 PM, MFPA wrote: > A question on the subject of SSL/TLS certificates and HTTPS: often > there is no user requirement to "authenticate" the identity of the > server, but rather a simple requirement to prevent snooping; why does > this need a certificate?
"prevent snooping" means "only me and the remote server i'm connected to
has access to the communication".
if you don't know who the remote server actually *is*, you cannot
prevent snooping by a man-in-the-middle.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
