On Sun, Jun 26, 2011 at 12:26:40PM -0500, Marsh Ray wrote: [...] > Now maybe it's different for ISP core router admins, but the > existence of this product strongly implies that at least some admins > are connecting to their router with their web browser over HTTPS and > typing in the same password that they use via SSH. [...]
Valid point, but flawed example. Managing these things day in and day out, I can tell you this is the first thing any experienced admin disables when initially configuring the device. If your admin is managing your routers with a Web interface, SSL MitM is the *least* of your worries, honestly. -- { IRL(Jeremy_Stanley); WWW(http://fungi.yuggoth.org/); PGP(43495829); WHOIS(STANL3-ARIN); SMTP(fu...@yuggoth.org); FINGER(fu...@yuggoth.org); MUD(kin...@katarsis.mudpy.org:6669); IRC(fu...@irc.yuggoth.org#ccl); ICQ(114362511); YAHOO(crawlingchaoslabs); AIM(dreadazathoth); } _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography