[cryptography] yet another certificate MITM attack

Sandy Harris sandyinchina at gmail.com
Sat Jan 12 15:23:36 EST 2013


Jon Callas <jon at callas.org> wrote:

> (The quibble I have is over partial security. My quibble is that lots of partial
> security systems label the partial security as being worse than no security.
> I believe that partial security is always better than no security.)

Except when it is marketed as just "secure". A user with serious enemies
whose system gives only partial security is better off assuming that the
system is broken, and therefore guarding his tongue, than believing bogus
marketing claims and compromising himself.



More information about the cryptography mailing list