W3C home > Mailing lists > Public > xml-dist-app@w3.org > March 2001

Re: Security

From: Rich Salz <rsalz@zolera.com>
Date: Fri, 16 Mar 2001 15:54:50 -0500
Message-ID: <3AB27D9A.F3F918C0@zolera.com>
To: Joseph Ashwood <jashwood@arcot.com>
CC: xml-dist-app@w3.org
> An extra round is not necessarily required. Each request could carry an
> associated list of preferred ciphers. The information propogation would be
> slow, and the first would be unprotected

And therefore isn't that susceptible to man-in-the-middle?  I thought
this was one of the things TLS fixed in SSL.
	/r$
Received on Friday, 16 March 2001 15:54:19 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:58:59 GMT