-=> mark lewis wrote to Sampsa Laine <=-


 ml> leave out the word "attack" and you have it right... a
MitM Attack is
 ml> one where there is a MitM that is purposely looking at your traffic for
 ml> the purposes of hijacking data across the encrypted link... there is
 ml> quite a difference ;)

 ml> in fact, there are many ISPs who are doing the same thing (using a
 ml> MitM) specifically for the purposes of protecting their networks and
 ml> clients/customers :)

Really? I have heard people saying this MIGHT be theoretically possible,
but how exactly does this work? Got any examples of where this is deployed
or products they use? Do the ISPs have the ability to issue new SSL certs
by having their CA certificates installed in browsers or something? 

How would this work with SSH - my client would warn me that the host key
has changed so the MITM approach is not going to work - if I have ever
connected to my server before, the ISP's attempt will fail..

Sampsa



... MultiMail, the new multi-platform, multi-format offline reader!
--- MultiMail/Darwin v0.49
--- SBBSecho 2.11-Win32