I think the question was "are you talking about certificates with a
validating signature?" and I think I answered that... more or less. If it
wasn't clear, then "YES" I am talking about generated certs that will
validate 100% locally.

If by sub-bridge you mean 'the real world' where people know better than to
think ANYTHING is secure on a network when the 'bad guy' has local access
and knows what he/she is doing, then yeah... that's where I live. Putting
faith in SSL to protect against local attacks is absurd. Claiming that
setting it up 'correctly' protects better against local MiTM attacks is
nothing short of naïve.


-----Original Message-----
From: Tom Chiverton [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 03, 2006 11:13 AM
To: CF-Talk
Subject: Re: Break it down for n00bs: security problems of non-SSL intrane
t?

On Tuesday 03 October 2006 15:35, Dave Watts wrote:
> [a very nice attempt to get Bobby to explain]

Rule number one from "Mythological Beasts on Mailing Lists" states "do not 
feed" in the section on sub-bridge dwellers :-)

-- 
Tom Chiverton
Helping to revolutionarily strategize professional networks

****************************************************

This email is sent for and on behalf of Halliwells LLP.

Halliwells LLP is a limited liability partnership registered in England and
Wales under registered number OC307980 whose registered office address is at
St James's Court Brown Street Manchester M2 2JF.  A list of members is
available for inspection at the registered office. Any reference to a
partner in relation to Halliwells LLP means a member of Halliwells LLP.
Regulated by the Law Society.

CONFIDENTIALITY

This email is intended only for the use of the addressee named above and may
be confidential or legally privileged.  If you are not the addressee you
must not read it and must not use any information contained in nor copy it
nor inform any person other than Halliwells LLP or the addressee of its
existence or contents.  If you have received this email in error please
delete it and notify Halliwells LLP IT Department on 0870 365 8008.

For more information about Halliwells LLP visit www.halliwells.com.




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting,
up-to-date ColdFusion information by your peers, delivered to your door four 
times a year.
http://www.fusionauthority.com/quarterly

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:255194
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Reply via email to