WYTM?
Eric Rescorla
ekr at rtfm.com
Tue Oct 14 00:43:03 EDT 2003
Ian Grigg <iang at systemics.com> writes:
> So to say that ITM is consensus is something
> that is going to have to be established.
Most comsec people I know subscribe to it. I don't
have a study to show it.
> In this case, the ITM was a) agreed upon after
> the fact to fill in the hole
I don't know what this means. If you'd asked a bunch of
comsec people what the appropriate threat model for SSL
was, they would have given you something very much
like SSL.
> > > (Actually, I'm not sure what SSH pops up, it's
> > > never popped up anything to me? Are you talking
> > > about a windows version?)
> > SSH in terminal mode says:
> >
> > "The authenticity of host 'hacker.stanford.edu (171.64.78.90)' can't be established.
> > RSA key fingerprint is d3:a8:90:6a:e8:ef:fa:43:18:47:4c:02:ab:06:04:7f.
> > Are you sure you want to continue connecting (yes/no)? "
> >
> > I actually find the Firebird popup vastly more understandable
> > and helpful.
>
>
> I'm not sure I can make much of your point,
> as I've never heard of nor seen a Firebird?
What, you've never heard of Google?
Mozilla is effectively slimmed down Mozilla. The Mozilla dialog is
somewhat more aggressive.
-Ekr
--
[Eric Rescorla ekr at rtfm.com]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list