19 Nov
2000
19 Nov
'00
7:03 p.m.
On Sun, 19 Nov 2000, Ray Dillinger wrote:
Bluntly, after reviewing PKI and x.509 certs, I don't think that there is a sufficient reason to trust that the machine I'm talking to is actually the machine its cert claims it to be.
Like I said, the important thing is that it stops passive attacks - in practice man in the middle attacks just don't seem to happen. -Bram Cohen