Please see inline:- On 2025-05-26 12:26 p.m., Michael Richardson wrote: ...
For many installations, a physical cable may be invoved (such as ethernet over USB), or a very low power wireless network will be used. Any active on-path attacker would have to be physically present at the site of the device. Such a physically present attacker could learn the identity of the Pledge by simply pretending to be a Registrar-Agent, and asking the device for it's identity.
s/it's/its/
An active on-path attacker can not replace the signed objects that the Pledge and Registrar-Agent exchange.
"can not" is ambiguous. It can mean "it is impossible for the attacker to replace the signed objects", or it can mean "it is possible for the attacker to 'not replace' (i.e., leave as-is) the signed objects".
If the first meaning is what you intend, then you could s/can not/cannot/, but you should probably reword as "It is impossible for an active on-path attacker to replace the signed objects that the Pledge and Registrar-Agent exchange." If the second meaning is what you intend, then I suggest rewriting to express what is actually true.
Also, it would be good to add a sentence explaining why (in either case). -- Dr. J.W. Atwood, Eng. tel: +1 (514) 848-2424 x3046 Distinguished Professor Emeritus fax: +1 (514) 848-2830 Department of Computer Science and Software Engineering Concordia University ER 1234 email:[email protected] 1455 de Maisonneuve Blvd. West http://users.encs.concordia.ca/~bill Montreal, Quebec Canada H3G 1M8 _______________________________________________ Anima mailing list -- [email protected] To unsubscribe send an email to [email protected]
