[Bitcoin-development] Dedicated server for bitcoin.org, your thoughts?
drak at zikula.org
Sun Dec 8 20:40:04 UTC 2013
On 8 December 2013 19:25, Gregory Maxwell <gmaxwell at gmail.com> wrote:
> On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak at zikula.org> wrote:
> > BGP redirection is a reality and can be exploited without much
> You're managing to argue against SSL. Because it actually provides
> basically protection against an attacker who can actively intercept
> traffic to the server. Against that threat model SSL is clearly— based
> on your comments— providing a false sense of security.
Let me clarify. SSL renders BGP redirection useless because the browser
holds the signatures of CA's it trusts: an attacker cannot spoof a
certificate because it needs to be signed by a trusted CA: that's the point
of SSL, it encrypts and proves identity, the latter part is what thwarts
MITM. If there was an MITM the browser screams pretty loudly about it with
a big threat warning interstitial.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bitcoin-dev