Bram Cohen wrote:
On Thu, 16 Nov 2000 obfuscation@beta.freedom.net wrote:
Bram Cohen writes:
In the vast majority of cases, preventing man in the middle attacks is a waste of time.
In the sense that, in the vast majority of communications, there is no man in the middle attack being mounted?
Yes.
Couldn't the same thing be said of cryptography, since in the vast majority of cases there is no eavesdropping?
Yes, but it's a less vast majority than the ones for which man in the middle is happening.
The point in both cases is that if you construct a protocol which has weaknesses, eventually people may begin to exploit them.
And if you build a protocol which is a pain to use, noone will use it.
What, like SSL, for example? Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff