Mozilla's mission is not to save political dissidents on exactly the same terms as they would save grandma's credit card. They are different and incompatible missions. If you confuse them, you will fail in one or the other of the missions (right now, it's the dissident who dies, and grandma doesn't get robbed).
So, you are proposing to ignore the dissident threat model? The consequence would be to go on as we had, but you seem to be arguing against that.
Encryption provides a measure of protection, with one weakness (MITM).
If there's no man in the middle, why encryption?
There are no statistics on MITM, ergo (and we have a fair degree of confidence in this) it isn't happening to any great extent, such that it's worthwhile worrying about it.
No. There are good reasons to believe that the NSA processes *all* Internet traffic it can get its hands on or used to and still tries to. Encrypted traffic is way harder than cleartext, but we're talking about just such a case how that could be circumvented. And as for publicity: NSA = No Such Agency ;-)
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
