> > Nobody doubts that it can occur, and that it *can*
> > occur in practice. It is whether it *does* occur
> > that is where the problem lies.
>
> Or, whether it gets reported if it does occur.
>
> The question is one of costs and benefits - how much
> should we spend to defend against this attack? How
> much do we save if we do defend?

Absolutely true. If the "only" effect of a MITM is loss of privacy, then that is certainly a lower-priority item to fix than some quick cash scheme. So the "threat model" needs to clearly define who the bad guys are, and what their motivations are.

But then again, if I am the victim of a MITM attack, even if the bad guy did not financially gain directly from the attack (as in, getting my money or something for free), I would consider "loss of privacy" a significant thing. What if an attacker were paid by someone (indirect financial gain) to ruin me by buying a bunch of stock on margin? Maybe not the best example, but you get the idea. It is not an attack that affects millions of people, but to the person involved, it is pretty serious. Shouldn't the "server" in this case help mitigate this type of attack?

> > So, why bother with something that isn't a threat?
> > Why can't we spend more time on something that *is*
> > a threat, one that occurs daily, even hourly,
> > sometimes?

I take your point, but would suggest "isn't a threat" be replaced by "doesn't threaten the majority". And are we at a point where it needs to be a binary thing -- fix this OR that but NOT both?

-- tomo

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]