At 02:55 PM 6/8/2003, James A. Donald wrote:
Attached is a spam mail that constitutes an attack on paypal similar
in effect and method to man in the middle.
The bottom line is that https just is not working. Its broken.
The fact that people keep using shared secrets is a symptom of https
not work
At 10:09 PM 6/4/2003, James A. Donald wrote:
Eric Rescorla
> Nonsense. One can simply cache the certificate, exactly as
> one does with SSH. In fact, Mozilla at least does exactly
> this if you tell it to. The reason that this is uncommon is
> because the environments where HTTPS is used are genera
At 09:11 AM 6/3/2003, Peter Gutmann wrote:
"Lucky Green" <[EMAIL PROTECTED]> writes:
>Given that SSL use is orders of magnitude higher than that of SSH, with no
>change in sight, primarily due to SSL's ease-of-use, I am a bit puzzled by
>your assertion that ssh, not SSL, is the "only really success
