[Cryptography] ISPs caught in STARTTLS downgrade attacks
Bill Frantz
frantz at pwpconsult.com
Fri Nov 14 23:43:27 EST 2014
On 11/14/14 at 3:01 PM, leichter at lrw.com (Jerry Leichter) wrote:
>that is, the only service that encrypted connections would
>break - is spam and malware detection. And there are
>alternative architectures even there, and strong arguments for
>why such services belong at the endpoints, not in the network itself.
I hope these alternative architectures which put the services in
the end point include an economic analysis of the load of email
that would be sent over cell phone connections with their
limited "free" data.
I remember the mail bomb effect when my email address was used
as a From: address by a spamer. I got an incredible number of "I
have treated your email as spam ..." message from Barracuda
email gateways, well over 5000. I'm glad I didn't get that when
my net access was through my phone.
So long as there are telephone companies involved, bits won't be
free. :-(
Cheers - Bill
--------------------------------------------------------------
Bill Frantz | There are now so many exceptions to the
408-356-8506 | Fourth Amendment that it operates only by
www.pwpconsult.com | accident. - William Hugh Murray
More information about the cryptography
mailing list