1995-10-10 - Re: Certificate proposal
Header Data
From: sjb@universe.digex.net (Scott Brickner)
To: m5@dev.tivoli.com (Mike McNally)
Message Hash: f26758264570d17dc6585ca6d65bf76b19768a0941ed26cf187a3f858cd12091
Message ID: <9510101532.AA17835@ozymandias.austin.ibm.com>
Reply To: <9510101243.AA28296@alpha>
UTC Datetime: 1995-10-10 15:33:35 UTC
Raw Date: Tue, 10 Oct 95 08:33:35 PDT
Raw message
From: sjb@universe.digex.net (Scott Brickner)
Date: Tue, 10 Oct 95 08:33:35 PDT
To: m5@dev.tivoli.com (Mike McNally)
Subject: Re: Certificate proposal
In-Reply-To: <9510101243.AA28296@alpha>
Message-ID: <9510101532.AA17835@ozymandias.austin.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain
Mike McNally writes
>
>Scott Brickner writes:
> > I disagree. The MITM is foiled by one successful communication.
>
>I'm going to need some clarification of this; what is meant by
>"successful"? If you mean "a communication without a MITM
>participating", and presuming also that that communication would
>involve a key validation, then I suppose it's true. However, I don't
>see how this success can be evaluated if the parties do not have
>nearly complete control over the communications substrate.
By "successful" I mean communicating without the MITM *interfering*.
Either the parties need to exchange a symmetric key without the MITM
eavesdropping, or exchange asymmetric keys without the MITM modifying
them.
The chance of failure is minimized by diversity in the channels used to
try to bypass the MITM. The issue becomes one of risk management. If
you can't afford a failure, you *do* need a channel over which you have
nearly complete control. The simplest such channel is a physical
meeting, during which you exchange public keys. If the MITM threat is
from your ISP, you are likely to bypass his control with the telephone
network. Any single success is adequate.
Thread
Return to October 1995
- Return to “aba@dcs.exeter.ac.uk”
- Return to “Adam Shostack <adam@homeport.org>”
- Return to “Bob Smart <smart@mel.dit.csiro.au>”
- Return to “Eli Brandt <eli@UX3.SP.CS.CMU.EDU>”
- Return to “Hal <hfinney@shell.portal.com>”
- Return to “m5@dev.tivoli.com (Mike McNally)”
- Return to “Mats Bergstrom <asgaard@sos.sll.se>”
- Return to “sameer <sameer@c2.org>”
- Return to “Scott Brickner <sjb@universe.digex.net>”
- Return to “sjb@universe.digex.net (Scott Brickner)”
Return to “tcmay@got.net (Timothy C. May)”
- 1995-10-09 (Mon, 9 Oct 95 10:28:50 PDT) - Re: Certificate proposal - tcmay@got.net (Timothy C. May)
- 1995-10-09 (Mon, 9 Oct 95 12:04:29 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 12:31:33 PDT) - Re: Certificate proposal - sameer <sameer@c2.org>
- 1995-10-09 (Mon, 9 Oct 95 13:40:11 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 16:03:45 PDT) - Re: Certificate proposal - Scott Brickner <sjb@universe.digex.net>
- 1995-10-09 (Mon, 9 Oct 95 16:07:03 PDT) - Re: Certificate proposal - Eli Brandt <eli@UX3.SP.CS.CMU.EDU>
- 1995-10-09 (Mon, 9 Oct 95 16:25:16 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-09 (Mon, 9 Oct 95 14:15:11 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-09 (Mon, 9 Oct 95 15:42:04 PDT) - Re: Certificate proposal - aba@dcs.exeter.ac.uk
- 1995-10-09 (Mon, 9 Oct 95 16:17:41 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-10 (Mon, 9 Oct 95 17:01:03 PDT) - Re: Certificate proposal - sameer <sameer@c2.org>
- 1995-10-10 (Mon, 9 Oct 95 17:02:51 PDT) - Re: Certificate proposal - Bob Smart <smart@mel.dit.csiro.au>
- 1995-10-10 (Tue, 10 Oct 95 07:20:09 PDT) - Re: Certificate proposal - Adam Shostack <adam@homeport.org>
- 1995-10-10 (Tue, 10 Oct 95 07:52:27 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-10 (Tue, 10 Oct 95 09:22:07 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 16:17:41 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 16:11:29 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-09 (Mon, 9 Oct 95 16:52:11 PDT) - Re: Certificate proposal - Scott Brickner <sjb@universe.digex.net>
- 1995-10-10 (Tue, 10 Oct 95 05:44:46 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-10 (Tue, 10 Oct 95 08:33:35 PDT) - Re: Certificate proposal - sjb@universe.digex.net (Scott Brickner)
- 1995-10-09 (Mon, 9 Oct 95 15:42:04 PDT) - Re: Certificate proposal - aba@dcs.exeter.ac.uk
- 1995-10-09 (Mon, 9 Oct 95 13:40:11 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 12:31:33 PDT) - Re: Certificate proposal - sameer <sameer@c2.org>
- 1995-10-09 (Mon, 9 Oct 95 12:35:35 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-09 (Mon, 9 Oct 95 13:55:12 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 14:40:16 PDT) - Re: Certificate proposal - sameer <sameer@c2.org>
- 1995-10-09 (Mon, 9 Oct 95 14:47:55 PDT) - Re: Certificate proposal - m5@dev.tivoli.com (Mike McNally)
- 1995-10-11 (Tue, 10 Oct 95 17:53:10 PDT) - Re: Certificate proposal - Mats Bergstrom <asgaard@sos.sll.se>
- 1995-10-09 (Mon, 9 Oct 95 16:54:56 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-09 (Mon, 9 Oct 95 12:04:29 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>