Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Bram Cohen (bramgawth.com)
Date: Fri Feb 23 2001 - 20:50:49 CST
On Fri, 23 Feb 2001, Eric Rescorla wrote:
> SSL ISN'T broken against MITM, as has been pointed out on this list
> before. It's certainly not any more broken than any other
> certificate-based system.
> The problem, as with all identity-based access control systems, is that
> you have to be very careful about comparing people's identities with
> what you expect.
And urls do not do a good job of conveying identity, hence SSL's MITM is
"Markets can remain irrational longer than you can remain solvent"
-- John Maynard Keynes