Once upon a time, Bruno Wolff III bruno@wolff.to said:
> On Sun, May 31, 2009 at 13:26:17 -0500, Chris Adams cmadams@hiwaay.net wrote:
> > HTTPS with an unknown self-signed cert is barely any more secure than unencrypted HTTP, since a man-in-the-middle attack could just be replacing the cert and decrypting all communications.
> No, it is a much harder attack than snooping. To do man in the middle you need to be able to take packets out of the stream and redirect them. This needs to be done in real time, and if you guess wrong about whether the other end knows what the certificate is, people are going to notice you doing it.
ISTR if you can snoop you can hijack the TCP session setup by responding first (aren't out-of-window packets ignored?). You don't have to cause the "real" responses to be dropped, you just have to respond faster.
> And be sure to note that a certificate signed by RSA, Thawte or whoever doesn't equate to secure either. Unless you have verified the end certificate yourself you don't know that the organization on the other end is who you really mean to be talking to.
You are trusting that the CAs have done the verification, which they do (to differing degrees).