On Tue, 9 Feb 2010 18:56:39 -0500, Kurt H Maier <karmaf...@gmail.com> wrote: > On Tue, Feb 9, 2010 at 6:09 PM, Chris Palmer <ch...@noncombatant.org> > wrote: >> Letting people believe that any SSL connection is good is actually worse >> than nothing, because it creates a false sense of security. >> >> I have serious qualms about depending on CAs (the false sense of security >> they engender is even more of a problem, I'd argue!), > > stop trying to fix social problems with code > > SSL can do two things: > > 1) provide site-to-site encryption > 2) make a lot of money for cert-signing organizations
A man-in-the-middle attack is not a social problem. If site-to-site is not site-to-*intended*-site then your point 1) is moot. Thank you very much.
