On 09/18/2008 11:50 PM, Kyle Hamilton: > Client Alice connects to server Mary. Mary sends a certificate with > an AIA, no chain.
Cute :-) > Mary happens to be a honeypot. > > Alice looks up AIA, makes connection to Mallory to retrieve the certificate. > > Mallory is looking for people who are looking at Mary. > > Mallory knows, beyond a shadow of a doubt, that Alice is looking at Mary. > Since Mary and Mallory are under the same control it doesn't matter. Whoever controls Mary knows that Alice is looking at Mary anyway...Even in the scenario of Mary being compromised doesn't matter anymore... -- Regards Signer: Eddy Nigg, StartCom Ltd. Jabber: [EMAIL PROTECTED] Blog: https://blog.startcom.org _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
