Ted T'so wrote: > At this point, you've just spent reams and reams of electrons stating > the obvious.
Yes, for the second time, because some people *still* don't understand it. (It's quite obvious to you and me, not so obvious to the people who still don't get it.) > If the endpoint is compromised, no protocol is going to > help you. This is true regardless of whether you are talking about > SSLv3, or Kerberos (if I have a copy of your server's keytab file, I > can forge arbitrary tickets), or IPSec (for any public key system, if > I can insert an untrustworthy CA certificate, it's all over), and so > on. Exactly. So you can't say "my project uses SSLv3, so I don't have to worry about MITM attacks". You have to say "my project uses SSLv3, and I have made sure there are no problems is the *way* I used SSLv3 that might result in my endpoint being 'compromised be design'." > This is about as much of a tautology as shouting from the rooftops > that "the sky is blue" or "2+2=4". If you find this to be an insight > worthy of note, it says much more about *you* than of the protocol or > anyone on this list... Then think about how wrong the people disagreeing with me must be! I hardly consider it an insight worthy of note. I simply repeat it for the benefit of those who keep saying things like "if you use SSLv3, you don't have to worry about MITM attacks". Because these people do in fact sometimes produces what you and I would consider compromised hosts. > As the old saying goes, "better to be silent, and thought to be a > fool, and to speak, and remove all doubt." Tell that to the people who are disagreeing with me. Unfortunately, there are real people who are using OpenSSL to implement a communications scheme who think they are immune to MITM attacks because people keep telling them that SSLv3 is immune to MITM attacks. In fact, it provides you the tools to stop a MITM attack, but you can very easily use it in a naive way such that you are vulnerable to MITM attacks. I recognize that this is completely obvious to all people who understand even a small amount about cryptography. However, it is fact learned from experience that people who don't understand even a small amount of cryptogaphy sometimes implement it. If you trace the history of my original comment on this, it was in response to just such a person. http://www.mail-archive.com/[EMAIL PROTECTED]/msg31875.html DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
