đź“… Original date posted:2013-12-08
đź“ť Original message:On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak at zikula.org> wrote:
> BGP redirection is a reality and can be exploited without much
You're managing to argue against SSL. Because it actually provides
basically protection against an attacker who can actively intercept
traffic to the server. Against that threat model SSL is clearly— based
on your comments— providing a false sense of security.
We _do_ have protection that protect against that— the pgp signature,
but they are far from a solution since people do not check that.
(I'm not suggesting we shouldn't have it, I'm suggesting you stop
arguing SSL provides protection it doesn't before you manage to change
my mind!)
Gregory Maxwell [ARCHIVE] /
npub1f2…crwet
2023-06-07 15:10:25
in reply to nevent1q…wxaf
Author Public Key
npub1f2nvlx49er5c7sqa43src6ssyp6snd4qwvtkwm5avc2l84cs84esecrwetSeen on
wss://relay.nostr.bandPublished at
2023-06-07 15:10:25Event JSON
{
"id": "2148a02fa4b3e2411f69ab504ab636b6090e8f1b4a6042707ce1c912f6ebc3f8",
"pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73",
"created_at": 1686150625,
"kind": 1,
"tags": [
[
"e",
"d517aa463a22abef5f03468f652eeefb44676da99926537d88111078c3e0468b",
"",
"root"
],
[
"e",
"ec7ca84c7fe1fc153582cc3a53f180bf326eaa7319a810b37603b8afcd3f053d",
"",
"reply"
],
[
"p",
"50ece7cbb2dc316af1cd5da0d62e0e1fec40f20919242c8fbedd53702fba95db"
]
],
"content": "📅 Original date posted:2013-12-08\n📝 Original message:On Sun, Dec 8, 2013 at 11:16 AM, Drak \u003cdrak at zikula.org\u003e wrote:\n\u003e BGP redirection is a reality and can be exploited without much\n\nYou're managing to argue against SSL. Because it actually provides\nbasically protection against an attacker who can actively intercept\ntraffic to the server. Against that threat model SSL is clearly— based\non your comments— providing a false sense of security.\n\nWe _do_ have protection that protect against that— the pgp signature,\nbut they are far from a solution since people do not check that.\n\n(I'm not suggesting we shouldn't have it, I'm suggesting you stop\narguing SSL provides protection it doesn't before you manage to change\nmy mind!)",
"sig": "8f8104636969d48d7dcae57d4f08d3dc40b7ad117353193e7f8b25590ed38d987d622127b790275b06ecd74aff0c66e8de834df29f6aad37953123bdf8ad1988"
}