On Sun, Nov 17, 2013 at 5:12 PM, Masataka Ohta <
mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp> wrote:
Theodore Ts'o wrote:
For example, using D-H with no attempt to authenticate the endpoints
means does not protect you against an active attacker who is carrying
out a MITM attack.
That being said, the problem for PKI is that, assuming active
MITM attacks both on ISP chains and CA chains, it offer no
better security than DH,
As DH involves end systems only, there is no point of deploying
PKI with no additional benefits.
If we assume that the attack model is flying horses armed with lasers there
is no additional benefit.
The point is not what the consequences of the assumptions are, the question
is how likely the assumptions are. If you leave that out of the equation
then the result is nonsense.
--
Website: http://hallambaker.com/