From: sjb@universe.digex.net (Scott Brickner)
To: m5@dev.tivoli.com (Mike McNally)
Message Hash: f26758264570d17dc6585ca6d65bf76b19768a0941ed26cf187a3f858cd12091
Message ID: <9510101532.AA17835@ozymandias.austin.ibm.com>
Reply To: <9510101243.AA28296@alpha>
UTC Datetime: 1995-10-10 15:33:35 UTC
Raw Date: Tue, 10 Oct 95 08:33:35 PDT
From: sjb@universe.digex.net (Scott Brickner)
Date: Tue, 10 Oct 95 08:33:35 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: Certificate proposal
In-Reply-To: <9510101243.AA28296@alpha>
Message-ID: <9510101532.AA17835@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain
Mike McNally writes
>
>Scott Brickner writes:
> > I disagree. The MITM is foiled by one successful communication.
>
>I'm going to need some clarification of this; what is meant by
>"successful"? If you mean "a communication without a MITM
>participating", and presuming also that that communication would
>involve a key validation, then I suppose it's true. However, I don't
>see how this success can be evaluated if the parties do not have
>nearly complete control over the communications substrate.
By "successful" I mean communicating without the MITM *interfering*.
Either the parties need to exchange a symmetric key without the MITM
eavesdropping, or exchange asymmetric keys without the MITM modifying
them.
The chance of failure is minimized by diversity in the channels used to
try to bypass the MITM. The issue becomes one of risk management. If
you can't afford a failure, you *do* need a channel over which you have
nearly complete control. The simplest such channel is a physical
meeting, during which you exchange public keys. If the MITM threat is
from your ISP, you are likely to bypass his control with the telephone
network. Any single success is adequate.
Return to October 1995
Return to “tcmay@got.net (Timothy C. May)”