From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1VrDP7-0002s9-LX for bitcoin-development@lists.sourceforge.net; Thu, 12 Dec 2013 21:02:41 +0000 X-ACL-Warn: Received: from mout.perfora.net ([74.208.4.194]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1VrDP5-0002U4-N2 for bitcoin-development@lists.sourceforge.net; Thu, 12 Dec 2013 21:02:41 +0000 Received: from netbook (199-36-244-25.mccarran.com [199.36.244.25]) by mrelay.perfora.net (node=mrus0) with ESMTP (Nemesis) id 0MZjOA-1W7Esv3l2k-00L7y2; Thu, 12 Dec 2013 16:02:32 -0500 Received: by netbook (Postfix, from userid 1000) id AD64F2E49D6; Thu, 12 Dec 2013 21:51:08 +0100 (CET) Received: by flare (hashcash-sendmail, from uid 1000); Thu, 12 Dec 2013 21:51:06 +0100 Date: Thu, 12 Dec 2013 21:51:06 +0100 From: Adam Back To: Gregory Maxwell Message-ID: <20131212205106.GA4572@netbook.cypherspace.org> References: <52A3C8A5.7010606@gmail.com> <1795f3067ba3fcdd0caf978cc59ff024.squirrel@fruiteater.riseup.net> <52A435EA.7090405@gmail.com> <201312081237.24473.luke@dashjr.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Hashcash: 1:20:131212:gmaxwell@gmail.com::6Hs8vDawiXbF0BQD:0000000000000000000 0000000000000000000000004MkA X-Hashcash: 1:20:131212:drak@zikula.org::Q5BzDLtFSq80aTiN:000Xvx X-Hashcash: 1:20:131212:bitcoin-development@lists.sourceforge.net::B//0MJxbogU7C NuA:000000000000000000000Bj+ X-Hashcash: 1:20:131212:adam@cypherspace.org::BJhNxu6lhNOlR/tG:00000000000000000 00000000000000000000000055Rs Content-Transfer-Encoding: quoted-printable X-Provags-ID: V02:K0:zLdVaK7SPKBiI2lF1w7fM7eU4IiuAN2eYq15QLXRPls H7AYQyOC8ddlYcbhMwRkh7kWQNDjviXe1dNVjZ81nvlL+W4GCy DyiZr/eKBymz7Vc2TWRSKbXcjUAjlhElfxtkZjJKGX/FjcMAi0 YRIj1XVv8fAQz+YIjxopNQvLnvzwibzM8oQSNZLpN5hmjzC5BC BhbIhSTr2nDjqWI0NHjRjbzq8J5HJMBjPu/R+E4wpgvcs7qvaV skrfNgqnypUHRuQKYMbMBnbeWn6i+wtxlwxo9eFeRRFgzeLiMu 7lCOzijjXepC+NkRK3EtDjI+zGGYQYvsg2mq8sLSl7Nj9yEzrc 7ZHsM4PyPT6VlnI+dvzrSbUn2Gxnh4/OZyc3Cl7lN X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [74.208.4.194 listed in list.dnswl.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: doubleclick.net] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Headers-End: 1VrDP5-0002U4-N2 Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Dedicated server for bitcoin.org, your thoughts? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Dec 2013 21:02:41 -0000 I think the one thing that SSL does provide is some protection against AR= P or DNS poisoning to trick the user into downloading from a different site= . The PGP WoT surrounding bitcoin or OS related ISOs be weak - I am not sur= e if I could even check it directly myself despite spending a few hours tracking down keys and checking fingerprints of biz cards of core devs I = met in person, then that is a relevant point. Adam On Sun, Dec 08, 2013 at 11:25:24AM -0800, Gregory Maxwell wrote: >On Sun, Dec 8, 2013 at 11:16 AM, Drak wrote: >> BGP redirection is a reality and can be exploited without much > >You're managing to argue against SSL. Because it actually provides >basically protection against an attacker who can actively intercept >traffic to the server. Against that threat model SSL is clearly=E2=80=94= based >on your comments=E2=80=94 providing a false sense of security. > >We _do_ have protection that protect against that=E2=80=94 the pgp signa= ture, >but they are far from a solution since people do not check that. > >(I'm not suggesting we shouldn't have it, I'm suggesting you stop >arguing SSL provides protection it doesn't before you manage to change >my mind!) > >------------------------------------------------------------------------= ------ >Sponsored by Intel(R) XDK >Develop, test and display web and hybrid apps with a single code base. >Download it for free now! >http://pubads.g.doubleclick.net/gampad/clk?id=3D111408631&iu=3D/4140/ost= g.clktrk >_______________________________________________ >Bitcoin-development mailing list >Bitcoin-development@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/bitcoin-development