On Tuesday 25 March 2003 15:22, Bill Stewart wrote:
> I get the impression that we're talking at cross-purposes here,
> with at least two different discussions.

Yep. I haven't counted them up yet, but the full discussion includes at least 6 disparate threads. The challenge is to not arbitrarily switch from one thread to another without losing the context of the first.

The way I got where (I think) I am is this:

Fact: The SSL cert that is required for the server is expensive.

Question: Why do we have to pay that expense, and what happens if we use a self-signed cert?

Answer: "the MITM!" "Spoofing!"

OK, so now let's challenge the assumptions:

Question: What is the MITM? And why should we care?

And, when we've answered that question, let's plug that truth back into the 1st question. (And, the same for spoofing.)

> Let's look at several cases:
>
> 1 - Sites that have SSL and Expensive Certs that need them and need MITM
>     protection
> 1a - These sites, but with other security holes making it easy to break in.
> 1b - These sites, broken by SSL bugs or browser bugs
> 2 - Sites that have SSL and Expensive Certs that don't need them,
>     as long as they've got some crypto like self-signed certs,
>     which don't give MITM protection
> 3 - Sites that don't have SSL today because it's too annoying,
>     for which crypto would be useful,
>     and ADH or self-signed certs would be good enough,
>     because MITM isn't a big threat for them.
> 4 - Sites that don't need crypto.

Fantastic! a 2 x 2:

                            GOT
                      HTTP          SSL+
                      ONLY          cert

    Want Crypto                       1
    Want certs                  (may have bugs)

    Want                   2            3
    Crypto
    (adh/ssc)

    Don't                  4
    want
    Crypto

    Totals:               1%          99%

Hmm, it drew out as a 2 x 3 (only in fixed font).

So, I wonder what the totals on the right would be? How many people want crypto/MITM, how many would be happy with crypto/no MITM protection, and how many don't want any crypto?

--
iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]