Tony Arcieri <[email protected]> writes: >How? At the very least Alice/Bob need an authenticated/trusted channel >for this. > >If Alice sends Bob her "public key" over an untrusted channel, it can >be intercepted by an MitM posing as Bob who can then intercept all >traffic between Alice/Bob
In the real world, one often has a temporary-but-secure channel with someone (e.g., you meet them in person briefly somewhere, with a trusted intermediary who knows both of you). Then later, you want to communicate securely with your new acquaintance. It doesn't mean MitM never happens. But let's not deny away real world scenarios by imposing theoretical limitations where they don't necessarily apply. Often when you want to communicate with someone, you already have some shared bit of context that allows you to bootstrap authenticated identities. -K -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
