Who's afraid of Mallory Wolf?

Ed Gerck egerck at nma.com
Tue Mar 25 13:55:08 EST 2003



Jeroen van Gelderen wrote:

> Heu? I am talking about HTTPS (1) vs HTTP (2). I don't see how the MSIE
> bug has any effect on this.

Maybe we're talking about different MSIE bugs, which is not hard to do ;-)
I was referring to the MSIE bug that affects the SSL handshake in HTTPS,
from the context in discussion. BTW, HTTP has no provision to prevent
MITM in any case -- in fact, establishing a MITM is part of the HTTP
tool box and used in reverse proxies for example.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list