a couple nitpicks on otherwise interesting points... On Wed, Mar 17, 2004 at 09:02:17AM -0500, sunder wrote:
Look at how many folks use PGP - those who really know it and want it, or those who know enough about it and have some easily automated implementation that plugs in to their mail client. (i.e. commercial pgp with Eudora/Outlook plug in. As an aside, I'm still pissed off that the Mozilla mail client doesn't support PGP/GPG in addition to S/MIME or whatever the hell..)
There's a well-supported extension for that: http://enigmail.mozdev.org/ Actually, plans are in the works to make S/MIME an extension as well, so the two will soon be on equal footing.
There are ways to protect against this such as publishing a line for the known-hosts entry by other means, but no one does this (yet?) (i.e: sneakernet, finger, web page, pgp signed/encrypted email, over the telephone, etc.) (Another useful thing is to use public keys for SSH instead of passwords: this way the attacker won't be able to reuse your password - but you're still compromised the second you login.)
Out-of-band transmission of known-hosts entries has been standard operating procedure everywhere *I* have used ssh for the past 10 years. I thought everyone did that. regards, petard