Bram Cohen wrote:
On Sat, 18 Nov 2000, Ben Laurie wrote:
Bram Cohen wrote:
Unless that problem is fixed, man in the middle is hardly made more difficult - for example, Mallory could break into some random machine on the net and steal its public key, then hijack local DNS and when someone goes to amazon.com redirect them to amazon.hackeddomain.com, and then proxy to amazon.com - now even SSL says the connection is safe.
Yes, and Mallory can't read the data - so what was the point?
Yes he can - he's presenting the key for hackeddomain.com, which he stole, so he's quite capable of reading requests sent for it.
Apologies, yes, you are correct, I misunderstood. But isn't this what Lynn was suggesting in the first place?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff