SSL, client certs, and MITM (was WYTM?)

David Wagner daw at mozart.cs.berkeley.edu
Wed Oct 22 18:53:01 EDT 2003


Tom Otvos wrote:
>As far as I can glean, the general consensus in WYTM is that MITM
>attacks are very low (read:
>inconsequential) probability.  Is this *really* true?

I'm not aware of any such consensus.
I suspect you'd get plenty of debate on this point.
But in any case, widespread exploitation of a vulnerability
shouldn't be a prerequisite to deploying countermeasures.

If we see a plausible future threat and the stakes are high enough,
it is often prudent to deploy defenses in advance against the possibility
that attackers.  If we wait until the attacks are widespread, it may be
too late to stop them.  It often takes years (or possibly a decade or more:
witness IPSec) to design and widely deploy effective countermeasures.

It's hard to predict with confidence which of the many vulnerabilities
will be popular among attackers five years from now, and I've been very wrong,
in both directions, many times.  In recognition of our own fallibility at
predicting the future, the conclusion I draw is that it is a good idea
to be conservative.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
