[148781] in cryptography@c2.net mail archive
Re: [Cryptography] What is a secure conversation? (Was: online
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Fri Dec 27 22:17:30 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 27 Dec 2013 13:36:26 -0500
From: Theodore Ts'o <tytso@mit.edu>
To: ianG <iang@iang.org>
In-Reply-To: <52BD2642.4030700@iang.org>
X-SA-Exim-Mail-From: tytso@thunk.org
Cc: Jerry Leichter <leichter@lrw.com>, cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Fri, Dec 27, 2013 at 10:03:30AM +0300, ianG wrote:
>
> Trinity might also start mitm'ing, by actively sending messages out
> to people that don't go to others. So we might want to know that
> all messages got to everyone, and no selective conversations are
> happening.
Yes, but *so* *what*? How could an attacker to achieve some goal that
he or she might want to achieve?
It's not enough to say things like "an attacker could do XXX". If
we're going to do a credible analysis, this is critical. Why is this
important, and how much are we willing to pay (in terms of
inconvenience, extra hardware, etc.) to avoid this potential "attack"?
I don't know about other people, but I don't consider this list
critical infrastructure. If I were to not get some number of the
messages, it wouldn't necessarily impact my life or my work in any
significant way.
Regards,
- Ted
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
