ietf-smtp

Re: request discussion of two documents on SMTP relaying

2005-06-16 06:57:09

On Thu, 16 Jun 2005, Keith Moore wrote:

> If I'm not mistaken, TLS does protect against impersonation of a server,
> because part of what is used to derive the encryption key is signed with the
> server's private key, and the client checks the server certificate using the
> CAs' keys that the client already knows about.  Granted this is of little
> value if the user gets a popup message that says "we can't validate the
> server's key, should we trust it anyway?" and says yes without stopping to
> think about whether a MitM attack might be possible.

It is unfortunately common for email client software to silently fall back
to insecure submission if TLS or AUTH fail in any way :-(

Tony.
-- 
f.a.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
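
An added example, not part of the original message or thread: a submission routine that fails closed instead of falling back when TLS or AUTH fails, the client behaviour discussed above. The names `submit_strict`, `SubmissionRefused` and the `smtp_factory` parameter are assumptions made for this illustration.

```python
import smtplib
import ssl
from email.message import EmailMessage


class SubmissionRefused(Exception):
    """Raised instead of continuing over an unprotected channel."""


def submit_strict(msg: EmailMessage, host, user, password, port=587,
                  smtp_factory=smtplib.SMTP):
    """Submit msg only over verified TLS with successful AUTH; never downgrade.

    smtp_factory is a hypothetical injection point so the policy can be
    exercised offline with a stub in place of smtplib.SMTP.
    """
    # Explicit verifying context: CERT_REQUIRED plus hostname checking
    # against the CA certificates the client already trusts.
    ctx = ssl.create_default_context()
    conn = smtp_factory(host, port, timeout=30)
    try:
        conn.ehlo()
        # A missing STARTTLS offer may be an active attacker stripping it
        # from the EHLO reply, so it is a hard failure, not a cue to go plain.
        if not conn.has_extn("starttls"):
            raise SubmissionRefused(f"{host} did not offer STARTTLS")
        # Raises ssl.SSLCertVerificationError on an untrusted or mismatched
        # certificate. Deliberately not caught: no "trust it anyway" path.
        conn.starttls(context=ctx)
        conn.ehlo()  # extensions seen before TLS are untrusted; ask again
        if not conn.has_extn("auth"):
            raise SubmissionRefused(f"{host} did not offer AUTH after TLS")
        # Raises smtplib.SMTPAuthenticationError on failure; also not caught,
        # so the message is never sent unauthenticated.
        conn.login(user, password)
        return conn.send_message(msg)
    finally:
        conn.close()
```

Every failure surfaces as an exception to the caller, which can report it to the user; nothing in the routine retries without TLS or without AUTH.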

