Re: Agenda, security, and monitoring
2014-02-03 13:37:31
On Mon, Feb 3, 2014 at 2:18 PM, Brian E Carpenter <
brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:
On 04/02/2014 03:00, Bjoern Hoehrmann wrote:
...
Again, with either PGP or S/MIME (and X.509) with a self-signed
cert or key, authentication is not needed to start using
encryption, only a (perhaps implicit) belief on the part of the
sender that, if the recipient can advertise a public key, it
probably has the private one and that the key-advertiser is not
the proverbial entity-in-the-middle.
Without entities in the middle, encryption is unnecessary.
I'm having difficulty understanding that assertion.Does your
definition of "entity in the middle" include passive wire/fibre taps?
Brian
There are active attacks and passive attacks.
When we talk about man in the middle attacks we are usually talking about
an active man in the middle who can change traffic.
A passive wire tap is not usually considered to be a 'man in the middle'
attack.
--
Website: http://hallambaker.com/
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: Agenda, security, and monitoring, (continued)
- Re: Agenda, security, and monitoring, Phillip Hallam-Baker
- Re: Agenda, security, and monitoring, Scott Brim
- Re: Agenda, security, and monitoring, Ted Lemon
- Re: Agenda, security, and monitoring, Phillip Hallam-Baker
Re: Agenda, security, and monitoring, Stephen Farrell
- Re: Agenda, security, and monitoring, John C Klensin
- Re: Agenda, security, and monitoring, Pete Resnick
- Re: Agenda, security, and monitoring, John C Klensin
- Re: Agenda, security, and monitoring, Bjoern Hoehrmann
- Re: Agenda, security, and monitoring, Brian E Carpenter
- Re: Agenda, security, and monitoring,
Phillip Hallam-Baker <=
- Re: Agenda, security, and monitoring, Brian E Carpenter
Re: Agenda, security, and monitoring, Theodore Ts'o
Re: Agenda, security, and monitoring, Phillip Hallam-Baker
Re: Agenda, security, and monitoring, John C Klensin
Re: Agenda, security, and monitoring, Phillip Hallam-Baker
Re: Agenda, security, and monitoring, t.p.
Re: Agenda, security, and monitoring, Dave Crocker
Re: Agenda, security, and monitoring, Alessandro Vesely
Re: Agenda, security, and monitoring, Joseph Lorenzo Hall
Re: Agenda, security, and monitoring, Dale R. Worley
|
Previous by Date: |
Re: Agenda, security, and monitoring, Brian E Carpenter |
Next by Date: |
Re: Agenda, security, and monitoring, Brian E Carpenter |
Previous by Thread: |
Re: Agenda, security, and monitoring, Brian E Carpenter |
Next by Thread: |
Re: Agenda, security, and monitoring, Brian E Carpenter |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|