> No. There is no consensus. There are opposing camps. One camp
> believes that the solution is to drop all self-signed certs. Another
> camp believes that Key Continuity Management is the answer. Yet a third
> camp believes that user training has to be done, and the UI needs a
> little tweaki
> If we create an error display that says "No kidding, this absolutely
> is an attack and we're stopping you cold to protect you from it."
> it seems unavoidable that users will learn to treat the absence
> of such an unbypassable error display as proof to the contrary,
> proof that the site is gen
Graham, Nelson, Eddy, you all make good points.
I'll take your word for it that it's impossible to detect MITM attacks
with 100% reliability; as I said, I'm not a security expert.
How about an MITM detection service that gives no false positives, but
might give false negatives? If you positively i
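Key Continuity Management, named in the quoted message above, is the one detector with roughly the property asked for here that can be shown offline: it records the certificate a host presents on first contact and alarms only when a later contact presents a different one. It therefore never fires on a host whose key has not changed, but it cannot see an attacker who is already in the path on first contact (a false negative), and it does fire on an honest key rotation, so "no false positives" holds only relative to key change, not to attacks. The following is an added example written for this page, not code from the thread or from any browser; PinStore, the host name and the certificate bytes are constructed stand-ins for a real DER certificate chain.

```python
import hashlib
import json
from pathlib import Path
from typing import Dict, List, Optional

# Constructed stand-ins for DER-encoded leaf certificates (not real certificates).
BANK_CERT_V1 = b"constructed-der:bank.example:key-1"   # the site's own certificate
BANK_CERT_V2 = b"constructed-der:bank.example:key-2"   # a different key, e.g. a MITM proxy


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of the presented certificate bytes."""
    return hashlib.sha256(cert_der).hexdigest()


class PinStore:
    """Hypothetical trust-on-first-use store mapping host -> first-seen fingerprint.

    Kept in memory unless a JSON path is given, so the example runs offline.
    """

    def __init__(self, path: Optional[Path] = None) -> None:
        self.path = path
        self.pins: Dict[str, str] = {}
        if path is not None and path.exists():
            self.pins = json.loads(path.read_text())

    def save(self) -> None:
        if self.path is not None:
            self.path.write_text(json.dumps(self.pins))

    def check(self, host: str, cert_der: bytes) -> str:
        """Classify a connection as 'first_seen', 'match' or 'mismatch'.

        'first_seen' pins the certificate and raises no alarm: this is the
        false-negative window, because whoever answers first is trusted.
        'mismatch' is the only alarm, and it fires on any key change,
        whether caused by an attacker or by the site rotating its key.
        """
        fp = fingerprint(cert_der)
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = fp
            self.save()
            return "first_seen"
        return "match" if pinned == fp else "mismatch"


def simulate_late_mitm() -> List[str]:
    """Attacker appears after the site has been pinned: the alarm fires on him."""
    store = PinStore()
    return [
        store.check("bank.example", BANK_CERT_V1),   # first_seen
        store.check("bank.example", BANK_CERT_V1),   # match
        store.check("bank.example", BANK_CERT_V2),   # mismatch: MITM detected
    ]


def simulate_first_contact_mitm() -> List[str]:
    """Attacker is present on first contact: he is pinned and the genuine site alarms."""
    store = PinStore()
    return [
        store.check("bank.example", BANK_CERT_V2),   # first_seen: the attacker, undetected
        store.check("bank.example", BANK_CERT_V2),   # match: still undetected
        store.check("bank.example", BANK_CERT_V1),   # mismatch: alarm on the genuine site
    ]


if __name__ == "__main__":
    print("late MITM:         ", simulate_late_mitm())
    print("first-contact MITM:", simulate_first_contact_mitm())
```

The second scenario is the practical caveat for the "no false positives" idea: the store cannot tell which of two keys is the genuine one, only that they differ, so an attacker who wins the first contact turns the later honest connection into the thing that looks like an attack.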
> Is removal of the ability to override bad certs the ONLY effective
> protection for such users?
No. If we can detect MITM attacks, the problem goes away. There are
ways of detecting MITM attacks, but first of all, this is why we need
to do it:
The problem as I see it is that the same warning UI