Paul Rubin wrote: > "Martin v. Löwis" <[EMAIL PROTECTED]> writes: >> It means that these modules can do encrypted communication for their >> respective protocol. They cannot validate that they are really talking >> to the server they think they talk to (so they are prone to a >> man-in-the-middle attack), however, as communication is encrypted, they >> are protected against wire-tapping. > > Unless the wiretapper is running a man-in-the-middle attack... > That's pretty unreasonable: wiretapping is normally regarded as passive listening - when the FBI tap your wire do they try and impersonate the people you are calling? - and Martin already explained that man-in-the-middle was still a risk.
Why muddy the issue with this "point"? regards Steve -- Steve Holden +44 150 684 7255 +1 800 494 3119 Holden Web LLC/Ltd http://www.holdenweb.com Skype: holdenweb http://del.icio.us/steve.holden Recent Ramblings http://holdenweb.blogspot.com -- http://mail.python.org/mailman/listinfo/python-list
