The POV I am really arguing against is the one that defines identity to be a key, that states that in communicating with a key you are by definition communicating with the person you have in mind. The man in the middle attack does not exist because from your point of view the entity at the other end of the communication channel is just the MITM plus the person you think you are talking to. This idea has been expressed many times by other people in this discussion, and it is this which I think is fundamentally flawed and even dangerous because it encourages the use of untested keys. In fact it seems to define away the question of whether a key is real or fake.
Hal
Suppose you have Alice, Bob, and Mallet. (Mallet is the convention for the MITM, right?) Suppose Alice and Bob are communicating privately. Suppose that Mallet is one of Bob's personalities, because he suffers from multiple personality disorder. How is this different from where Mallet is actually Bob's ISP? Even if Alice & Bob were talking in person, privately, Alice doesn't know that she is also talking to Mallet. My point is that given no other context, there is *no way* to know for certain that you are communication with the person you have in mind. Or suppose that Bob is a drug user doing a plea bargain. He agrees to have his communications monitored via MITM attack to get a lesser sentence. He buys drugs from Alice and Alice gets caught. The thing I am emphasizing here is the necessity to have some sort of -context- when addressing MITM. In a situation without context, MITM is not an issue. In a situation -with- context, MITM is an issue. -- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org (or login as "guest") sameer@c2.org