On Mon, Jan 01, 2001 at 02:31:18AM -0600, Steven Hazel wrote:
> Travis Bemann <bemann@bemann> writes:
>
> > This requires that the *first* connection between Alice and Bob
> > *MUST* be MITMed. If this first connection is not MITMed, then MITM
> > is not possible between Alice and Bob. This is the case with other
> > protocols such as SSH (assuming that there is no initial shared
> > secret).
>
> This is the case with all public key cryptography.
>
> A more potent solution would be one in which Alice and Bob verified
> each other's keys with several other nodes, so that at least one of
> them would have to be completely isolated from Freenet from the very
> beginning in order for MITM to work.
One of them has to be completely isolated from freenet in order for a MITM
to work in the protocol that Scott posted as well. If you can't see that
you ware misunderstanding something (we had a long discussion about this
with a bunch of silly proposals about "checking with others" before
people understood this last time we had this discussion, lets not go back
there).
>
> -S
>
> _______________________________________________
> Freenet-dev mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
--
'DeCSS would be fine. Where is it?'
'Here,' Montag touched his head.
'Ah,' Granger smiled and nodded.
Oskar Sandberg
[EMAIL PROTECTED]
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
