On Wed, May 04, 2016 at 10:13:09PM +0000, Adrien de Croy <adr...@qbik.com> wrote a message of 316 lines which said:
> TLS was designed to provide data integrity and security, but not in > the face of MitM attacks. You're playing with words here. It all depends if you use TLS in the strict sense (just the protocol) or the wider one (with authentication; note that authentication is a official part of the spec, in section 7 of RFC 5246, it is not delegated to some other RFC). > Google's push for https everywhere has in our experience provided > significant incentive for MitM deployment. It seems an argument straight from the attackers: "we are forced to improve our attacks because the users - the bastards, how do they dare? - improved their defenses". _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop