[Bitcoin-development] Dedicated server for bitcoin.org, your thoughts?

Drak drak at zikula.org
Sun Dec 8 20:40:04 UTC 2013


On 8 December 2013 19:25, Gregory Maxwell <gmaxwell at gmail.com> wrote:

> On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak at zikula.org> wrote:
> > BGP redirection is a reality and can be exploited without much
>
> You're managing to argue against SSL. Because it actually provides
> basically protection against an attacker who can actively intercept
> traffic to the server. Against that threat model SSL is clearly— based
> on your comments— providing a false sense of security.


Let me clarify. SSL renders BGP redirection useless because the browser
holds the signatures of CA's it trusts: an attacker cannot spoof a
certificate because it needs to be signed by a trusted CA: that's the point
of SSL, it encrypts and proves identity, the latter part is what thwarts
MITM. If there was an MITM the browser screams pretty loudly about it with
a big threat warning interstitial.

Regards,

Drak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131208/9e49620a/attachment.html>


More information about the bitcoin-dev mailing list