Just to clarify things, let's put a face on the phenomenon: http://www.washingtonpost.com/world/middle-east/syrian-activist-ghiyath-mata... Before you say "It's the dissident's fault", "everyone obviously does, or should, understand that SSL is broken", "dissidents do, or should, have something better than SSL available to them", and so on b Think about Ghiyath Matar. Just a random tailor. He was Syrian, not Iranian; we don't know him to have been tortured to death as a result of the failures of SSL. But we do know that people like him in Iran are being or have been MITM'd. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE