CDR: Re: Public Key Infrastructure: An Artifact...

obfuscation at beta.freedom.net obfuscation at beta.freedom.net
Thu Nov 16 14:54:46 PST 2000


Bram Cohen writes:
> In the vast majority of cases, preventing man in the middle attacks is a
> waste of time.

In the sense that, in the vast majority of communications, there is no
man in the middle attack being mounted?

Couldn't the same thing be said of cryptography, since in the vast
majority of cases there is no eavesdropping?

The point in both cases is that if you construct a protocol which has
weaknesses, eventually people may begin to exploit them.  Building a
supposedly secure crypto protocol which is weak against a man in the
middle attack is an invitation to trouble.  If you had reason to use
cryptography in the first place, you have reason to fear a man in the
middle attack.  Designing against that threat is not a waste of time,
it is insurance against future troubles.

Ob





More information about the cypherpunks-legacy mailing list