Hello,
....
> > Basically, in this case you can use the original SSL authentication to
> > bootstrap a separate MITM detection step. I strongly recommend doing this in
> > a custom application if you use SSL in a way that prevents its normal MITM
> > detection from being effective.
> 
> I strongly disagree. How does the client this "separate detection"
> step to the protocol handshake. Why ask users to invent very difficult
> to get right security protocols?
+1, security protocols are developed over years with the effort of many
people (and even those may contain errors).

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
