Bruce Perens: > On 12/06/2013 01:20 PM, Nicholas Weaver wrote: >> If the attacker can see your fetches he can execute a man-on-the-side attack >> through packet injection. > This is the first one I've seen that is actually compelling. But it's an > authentication problem rather than a confidentiality one.
Without confidentiality, a user may be targeted for specific tracking and more importantly, they may be targeted for client side exploitation. Do you find that compelling? All the best, Jacob _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
