On 6 Dec, 2011, at 3:43 AM, ianG wrote:

> The promise of PKI in secure browsing is that it addresses the MITM. That's
> it, in a nutshell. If that promise is not true, then we might as well use
> something else.

Is it? I thought that the purpose of a certificate was to authenticate the server to the client. This is a small, but important difference. If you properly authenticate the server, then (one hopes) we've tacitly eliminated both an impersonation attack and a MiTM (a MiTM is merely a real-time, two-way impersonation).

The problem is that we're authenticating the server by naming, and there are many entities with a reason to lie about names. There are legitimate and illegitimate reasons to lie about names, and while we know that it's going on, we don't have a characterization of what reality even *is*. We're seeing this in this very discussion.

I also want to see proof that this is going on. I know it is, but I want to see it. These bogus certs are a lot like dark matter -- we know they're there, but we have little direct observation of them.

Jon

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography