W3C home > Mailing lists > Public > xml-dist-app@w3.org > March 2001

Re: Security

From: Rich Salz <rsalz@zolera.com>
Date: Fri, 16 Mar 2001 15:54:50 -0500
Message-ID: <3AB27D9A.F3F918C0@zolera.com>
To: Joseph Ashwood <jashwood@arcot.com>
CC: xml-dist-app@w3.org
> An extra round is not necessarily required. Each request could carry an
> associated list of preferred ciphers. The information propogation would be
> slow, and the first would be unprotected

And therefore isn't that susceptible to man-in-the-middle?  I thought
this was one of the things TLS fixed in SSL.
Received on Friday, 16 March 2001 15:54:19 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 22:01:12 UTC