On Sun, Aug 10, 2008 at 07:28:30PM -0700, David Schwartz wrote:
> I didn't say you are vulnerable to a MITM attack that compromises the
> endpoint. I said that if the endpoint is compromised, you are vulnerable to
> MITM attacks. The attacker need not compromise the endpoint himself. He may
> discover that a poorly-designed endpoint (even though it implements SSL
> perfectly) is in fact compromised.

At this point, you've just spent reams and reams of electrons stating
the obvious. If the endpoint is compromised, no protocol is going to
help you. This is true regardless of whether you are talking about
SSLv3, or Kerberos (if I have a copy of your server's keytab file, I
can forge arbitrary tickets), or IPSec (for any public key system, if
I can insert an untrustworthy CA certificate, it's all over), and so
on.

This is about as much of a tautology as shouting from the rooftops
that "the sky is blue" or "2+2=4". If you find this to be an insight
worthy of note, it says much more about *you* than of the protocol or
anyone on this list...

As the old saying goes, "better to be silent, and thought to be a
fool, than to speak, and remove all doubt."

- Ted
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List