> This is why in my other replies to whomever - I made the
> statement about how
> fast all this can be done. It takes at least 3 good handshakes to get
> onboard a SSL site - but, what matters the most is that
> &*_*&)^&^)*_**;qwepqowifskljfas that surrounds the key - is intact and not
> minus or plus one letter of symbol or corrupted in any way and what do the
> placements of those objects matter. That's what is being looked
> for in the
> comparisons of the algorithms that do the checking. Of course
> you want the
> inside data to be left intact - but, can you really do that and
> find it out
> without corrupting it's wrapper? in the length of time shorter
> than it takes
> for the originator to establish a legitimate connection? NO - you cannot,
> unless you are running a seamless proxy intercepting and passing
> on before
> you as you go. No impossible - but, usually done only outside the United
> States where it's uncontrolled. Most objects (subjects or persons --
> whatever) in the U.S. don't even have the education to go there - so why
> bother worrying about it.
I have no idea what you are talking about and strongly suspect that you
don't either. Modern cryptographic algorithms are carefully designed to
withstand attacks, even from atackers with full control over the data
proxied and even from attackers with computing power that vastly exceeds
that available at the endpoints. Designing or analyzing cryptographic
schemes as sloppily as you suggest above would be inexcusable professional
negligence.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
