1994-02-09 - Re: Talking to strangers (was: Crypto Regulation Reform)

Header Data

From: mgream@acacia.itd.uts.edu.au (Matthew Gream)
To: rcain@netcom.com (Robert Cain)
Message Hash: 50eaf51859f8dcc172948d6c81f25d086466b57e2f87a14d85c6115a0aa9476f
Message ID: <9402090225.AA26157@acacia.itd.uts.EDU.AU>
Reply To: <199402090056.QAA28858@mail.netcom.com>
UTC Datetime: 1994-02-09 02:27:14 UTC
Raw Date: Tue, 8 Feb 94 18:27:14 PST

Raw message

From: mgream@acacia.itd.uts.edu.au (Matthew Gream)
Date: Tue, 8 Feb 94 18:27:14 PST
To: rcain@netcom.com (Robert Cain)
Subject: Re: Talking to strangers (was: Crypto Regulation Reform)
In-Reply-To: <199402090056.QAA28858@mail.netcom.com>
Message-ID: <9402090225.AA26157@acacia.itd.uts.EDU.AU>
MIME-Version: 1.0
Content-Type: text/plain


Earlier, Robert Cain wrote:

> We shall see.  I contend that with this I can establish a spoof-proof
> point to point with a total stranger to any desired probability that
> a spoof could not be there without disclosing him/her.  It is not hard
> for me to envision, especially in business situations, how such a
> thing would be more than useful.

If I understand you correctly, you're asserting that without _any_ prior
knowledge of the person you are communicating to, and without any form
of online checks before or during your authentication mechanism, that
you can be _sure_ you're talking to said stranger?

Unless there are other presumptions, I fail to see how you can be sure 
you are communicating to someone, when you don't know who they are. 
Even if you can get something akin to a pgp key with an identifier and 
be sure you are talking to the owner of _that_ identifier, but you can't 
be sure that identifier is real and/or not a forgery.

Given those circumstances, wouldn't a man in the middle relay attack be
a piece of cake?

Matthew.
-- 
Matthew Gream. ph: (02)-821-2043. M.Gream@uts.edu.au.
PGPMail and brown paperbags accepted.




