Gregory Maxwell [ARCHIVE] on Nostr: đź“… Original date posted:2013-12-08 đź“ť Original message:On Sun, Dec 8, 2013 at ...
đź“… Original date posted:2013-12-08
đź“ť Original message:On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak at zikula.org> wrote:
> BGP redirection is a reality and can be exploited without much
You're managing to argue against SSL. Because it actually provides
basically protection against an attacker who can actively intercept
traffic to the server. Against that threat model SSL is clearly— based
on your comments— providing a false sense of security.
We _do_ have protection that protect against that— the pgp signature,
but they are far from a solution since people do not check that.
(I'm not suggesting we shouldn't have it, I'm suggesting you stop
arguing SSL provides protection it doesn't before you manage to change
my mind!)
đź“ť Original message:On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak at zikula.org> wrote:
> BGP redirection is a reality and can be exploited without much
You're managing to argue against SSL. Because it actually provides
basically protection against an attacker who can actively intercept
traffic to the server. Against that threat model SSL is clearly— based
on your comments— providing a false sense of security.
We _do_ have protection that protect against that— the pgp signature,
but they are far from a solution since people do not check that.
(I'm not suggesting we shouldn't have it, I'm suggesting you stop
arguing SSL provides protection it doesn't before you manage to change
my mind!)