Thats broken, just like the "WAP GAP" ... for security you want end2end security, not a secure channel to an UTP (untrusted third party)!
Adam On Thu, Aug 25, 2005 at 02:09:48PM -0700, Eric Rescorla wrote: > Most chat protocols (and Jabber in particular) are server-oriented > protocols. So, the SSL certificate in question isn't that of your > buddy but rather of your Jabber server. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
