
Re: Agenda, security, and monitoring

2014-02-03 13:37:31
On Mon, Feb 3, 2014 at 2:18 PM, Brian E Carpenter <
brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:

On 04/02/2014 03:00, Bjoern Hoehrmann wrote:
...
Again, with either PGP or S/MIME (and X.509) with a self-signed
cert or key, authentication is not needed to start using
encryption, only a (perhaps implicit) belief on the part of the
sender that, if the recipient can advertise a public key, it
probably has the private one and that the key-advertiser is not
the proverbial entity-in-the-middle.

Without entities in the middle, encryption is unnecessary.

I'm having difficulty understanding that assertion. Does your
definition of "entity in the middle" include passive wire/fibre taps?

   Brian


There are active attacks and passive attacks.

When we talk about man in the middle attacks we are usually talking about
an active man in the middle who can change traffic.

A passive wire tap is not usually considered to be a 'man in the middle'
attack.

-- 
Website: http://hallambaker.com/