ietf

RE: [saag] Is opportunistic unauthenticated encryption a waste of time?

2014-08-23 16:05:33
Stephen Farrell:
However, say we're wrong and someone who thinks OS is a waste
of time is actually correct, what would such a person recommend
that we do as well as, or instead of, OS?

[BA] It depends on who we are trying to protect, and from what (or whom).

If the target is protection of dissidents from oppressive regimes, then you
need something much more comprehensive than "unauthenticated opportunistic
encryption" (e.g. along the lines of Tor).

If the target is protection against PM within wealthy nations, then you'd need
something that can't be rendered harmless by a modest budget increase. A number
of MITM protection mechanisms have been suggested (e.g. DANE, channel binding,
etc.).

Also, in this category should be mechanisms for protecting privacy against
private-sector adversaries. As long as private companies can amass huge
dossiers without resort to PM (or without the need to subvert OS), and are
willing to sell that personal information to third parties (dodgy ones, let
alone governments), one wonders whether government agencies would make better
use of their funds by "buying" surveillance, rather than trying to "build" it.