[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certificate proposal

> The POV I am really arguing against is the one that defines identity to
> be a key, that states that in communicating with a key you are by
> definition communicating with the person you have in mind.  The man in
> the middle attack does not exist because from your point of view the
> entity at the other end of the communication channel is just the MITM
> plus the person you think you are talking to.  This idea has been
> expressed many times by other people in this discussion, and it is this
> which I think is fundamentally flawed and even dangerous because it
> encourages the use of untested keys.  In fact it seems to define away
> the question of whether a key is real or fake.
> Hal

Suppose you have Alice, Bob, and Mallet. (Mallet is the convention for
the MITM, right?)

	Suppose Alice and Bob are communicating privately. Suppose
that Mallet is one of Bob's personalities, because he suffers from
multiple personality disorder.

	How is this different from where Mallet is actually Bob's ISP?

	Even if Alice & Bob were talking in person, privately, Alice
doesn't know that she is also talking to Mallet. My point is that
given no other context, there is *no way* to know for certain that you
are communication with the person you have in mind.

	Or suppose that Bob is a drug user doing a plea bargain. He
agrees to have his communications monitored via MITM attack to get a
lesser sentence. He buys drugs from Alice and Alice gets caught.

	The thing I am emphasizing here is the necessity to have some
sort of -context- when addressing MITM. In a situation without
context, MITM is not an issue. In a situation -with- context, MITM is
an issue.

sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			[email protected]