CDR: Public Key Infrastructure: An Artifact...

Ben Laurie ben at algroup.co.uk
Sat Nov 18 14:21:07 PST 2000


Bram Cohen wrote:
> 
> On Sat, 18 Nov 2000, Ben Laurie wrote:
> 
> > Bram Cohen wrote:
> > >
> > > Unless that problem is fixed, man in the middle is hardly made more
> > > difficult - for example, Mallory could break into some random machine on
> > > the net and steal its public key, then hijack local DNS and when someone
> > > goes to amazon.com redirect them to amazon.hackeddomain.com, and then
> > > proxy to amazon.com - now even SSL says the connection is safe.
> >
> > Yes, and Mallory can't read the data - so what was the point?
> 
> Yes he can - he's presenting the key for hackeddomain.com, which he stole,
> so he's quite capable of reading requests sent for it.

Apologies, yes, you are correct, I misunderstood. But isn't this what
Lynn was suggesting in the first place?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff





