From owner-freebsd-security Mon Dec 18 11:35:51 2000
From owner-freebsd-security@FreeBSD.ORG Mon Dec 18 11:35:48 2000
Return-Path:
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.org (lariat.org [12.23.109.2])
    by hub.freebsd.org (Postfix) with ESMTP id E83C537B400
    for ; Mon, 18 Dec 2000 11:35:47 -0800 (PST)
Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2])
    by lariat.org (8.9.3/8.9.3) with ESMTP id MAA26016;
    Mon, 18 Dec 2000 12:35:26 -0700 (MST)
Message-Id: <4.3.2.7.2.20001218123004.04888760@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Mon, 18 Dec 2000 12:35:11 -0700
To: Moses Backman III, Todd Backman
From: Brett Glass
Subject: Re: woah
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <20001218133716.A550@cg22413-a.adubn1.nj.home.com>
References:
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

All the author is saying is what has long been known: that Diffie-Hellman key exchange is subject to "man in the middle" attacks. There are several catches, though. First of all, the man needs to find a way to get into the middle in the first place. On the Internet, this isn't easy. Second, he needs to STAY there or the parties will find out that he was there. Third, he can't do much if there's a backchannel or a trusted third party through which the parties can verify each other's identities.

--Brett

At 06:37 AM 12/18/2000, Moses Backman III wrote:

>> Read the full story here:
>> http://securityportal.com/cover/coverstory20001218.html

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
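
The backchannel verification mentioned in the message above, as an added example that is not part of the original post: each party derives a short fingerprint of the negotiated Diffie-Hellman secret and the two are compared out of band. The toy group (`P`, `G`), the 16-character fingerprint and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for illustration only: the Mersenne prime 2**127 - 1.
# Real deployments use standardized groups of 2048 bits or more.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent, public value G**priv mod P)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared(priv, peer_pub):
    """Secret a party derives from its own exponent and the value it received."""
    return pow(peer_pub, priv, P)

def fingerprint(secret):
    """Short digest of the negotiated secret, to be compared over a backchannel."""
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()[:16]

def exchange(interposed):
    """Run one unauthenticated exchange; return (Alice's, Bob's) fingerprints."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if interposed:
        # A relay in the path replaces both public values with its own,
        # so each endpoint unknowingly negotiates a secret with the relay.
        _m_priv, m_pub = keypair()
        a_sees, b_sees = m_pub, m_pub
    else:
        a_sees, b_sees = b_pub, a_pub
    return fingerprint(shared(a_priv, a_sees)), fingerprint(shared(b_priv, b_sees))

def backchannel_check(fp_a, fp_b):
    """True when both ends hold the same secret, i.e. nobody sits in between."""
    return fp_a == fp_b

if __name__ == "__main__":
    for interposed in (False, True):
        fp_a, fp_b = exchange(interposed)
        verdict = "match" if backchannel_check(fp_a, fp_b) else "MISMATCH"
        print(f"interposed={interposed}: alice={fp_a} bob={fp_b} -> {verdict}")
```

The comparison only helps if the channel carrying the fingerprints is one the relay cannot also rewrite, such as a phone call or a value signed by a trusted third party.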