RE: [saag] Is opportunistic unauthenticated encryption a waste of time?

This assumes that the telecom carriers and/or the suppliers of the
carrier grade equipment would cooperate with the nation-states in
question.  That could happen, certainly, but it becomes much more
difficult to do this surreptitiously.


It is also fairly easy for OS conscious applications to use channel binding 
schemes and detect the MITM. At that point, the spies have to move from covert 
monitoring to overt surveillance, which should have some noticeable political 
consequences.

-- Christian Huitema

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), (continued) Re: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), Viktor Dukhovni RE: Adept Encryption: Was: [saag] DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), l.wood Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Viktor Dukhovni Re: [saag]: Review of: Opportunistic Security -03 preview for comment, Paul Wouters Re: [saag] : Review of: Opportunistic Security -03 preview for comment, Stephen Kent Re: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), Nico Williams RE: [saag] Adept Encryption: Was: DANE should be more prominent (Re: Review of: Opportunistic Security -03 preview for comment), l.wood Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Viktor Dukhovni RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Bernard Aboba Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Theodore Ts'o RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Christian Huitema <= Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Nico Williams RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Bernard Aboba Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Stephen Farrell RE: [saag] Is opportunistic unauthenticated encryption a waste of time?, Bernard Aboba Re: [saag] Is opportunistic unauthenticated encryption a waste of time?, Stephen Farrell Message not available Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Eric Burger Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Michael StJohns Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Brian E Carpenter Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Ted Hardie Re: Is traffic analysis really a target (was Re: [saag] Is opportunistic unauthenticated encryption a waste of time?), Brian E Carpenter