On 30/05/14 18:53, Joshua Cranmer 🐧 wrote: >> Forgive me, but that sounds like "I'm going to propose a solution with >> one glaring flaw that has always sunk it in the past, and then gloss >> over that flaw by saying 'I don't have the security experience - someone >> else fix it'." > > Actually, that is essentially what I'm saying. I know other people at > Mozilla have good security backgrounds and can discuss the issue, and I > was hoping that they could weigh in with suggestions on this thread. I > acknowledge that the re-keying is a difficult issue, but I also don't > have the time to do the research myself on this topic, since I'm way > backed up on a myriad of other obligations.
https://www.youtube.com/watch?v=BKorP55Aqvg&feature=youtu.be :-) > The EFF does things that aren't public?! :) It would appear so. There are many reasons why this might be - privacy, lack of time to publish, etc. I haven't asked them. > More seriously, are they actively attempting to detect potential MITMs, > and would they announce if they did detect one? I don't know, and presumably yes :-) Gerv _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
