The problem with all of these things is that they are still based on creating an association between a domain name and a key, when in fact what you want is an association between some abstract concept of a counterparty which exists in an end user's mind (like, say, amazon) and the ownership of a machine that user's browser is talking to.
Unless that problem is fixed, man in the middle is hardly made more difficult - for example, Mallory could break into some random machine on the net and steal it's public key, then hijack local DNS and when someone goes to amazon.com redirect them to amazon.hackeddomain.com, and then proxy to amazon.com - now even SSL says the connection is safe.
-Bram Cohen
I don't understand this last paragraph at all. If you put a proxy on amazon.hackeddomain.com and I connect through the proxy to the real amazon.com, where is the threat? If the SSL connection is established with the proxy, then the X.509 certificate on that host does not match www.amazon.com and the connection would not verify. If the connection is proxied to the real www.amazon.com the SSL connection will verify, and because it is protected end to end the proxy will not be able to do anything other than disconnect the connection at an arbitrary time. There is no man in the middle attack here. Jeffrey Altman * Sr.Software Designer The Kermit Project * Columbia University 612 West 115th St * New York, NY * 10025 * USA http://www.kermit-project.org/ * kermit-support@kermit-project.org