[EMAIL PROTECTED] writes:
> It did teach me the importance of protecting against the
> man-in-the-middle attack. This is not often done, at least not by
> default, in many STARTTLS implementations.

Indeed. The problem is that it's pretty hard to determine
a priori what certificate the peer server ought to be offering,
due to mail relaying and MX records.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
http://www.rtfm.com/
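
Added example, not part of the original message: a Python sketch of why the sending server has no obvious name to check the STARTTLS certificate against when the next hop comes from an MX lookup. All domains and certificate names are constructed, and `name_matches` is a simplified hostname match written for this illustration, not a full certificate verification.

```python
# Added example; every domain and certificate name below is constructed.

def name_matches(pattern, host):
    """Match a certificate DNS name against a host: exact, or one left-most '*' label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # A wildcard covers exactly one label and never a bare "*.tld".
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def check_delivery(recipient_domain, mx_host, cert_names):
    """Report which candidate reference identity the offered certificate satisfies."""
    def ok(reference):
        return any(name_matches(n, reference) for n in cert_names)
    return {"recipient_domain": ok(recipient_domain), "mx_host": ok(mx_host)}


# (recipient domain, MX host learned from DNS, names in the certificate offered)
CASES = {
    # The domain runs its own mail server.
    "self_hosted": ("example.net", "mail.example.net",
                    ["example.net", "mail.example.net"]),
    # The domain's MX legitimately points at a provider's server.
    "hosted_mail": ("example.org", "mx1.provider.example",
                    ["*.provider.example"]),
    # The MX answer was changed in transit by the man in the middle.
    "altered_mx": ("example.org", "mx.other.example",
                   ["mx.other.example"]),
}


def results():
    """Evaluate every constructed case against both candidate checks."""
    return {label: check_delivery(*case) for label, case in CASES.items()}


if __name__ == "__main__":
    for label, verdict in results().items():
        print(f"{label:12} {verdict}")
```

The legitimate hosted-mail delivery and the altered MX answer produce the same verdict under both checks: requiring a match on the recipient domain rejects both, and accepting a match on the MX host accepts both.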
