On 9/30/14 10:33 PM, David Kastrup wrote:
> Transparent STARTTLS on demand would seem useless against
> man-in-the-middle attacks. It's just good against eavesdropping on
> unintercepted traffic. And you don't even need to be true
> man-in-the-middle: you just need to be faster answering the STARTTLS
> negotiation.

The CA system[1] prevents MITM attacks. The best an attacker could do is
maybe stop the encryption from starting in the first place, but in my
book that should be an error.

-David

[1] https://en.wikipedia.org/wiki/Certificate_authority
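
The fail-closed policy described in the reply above, as an added example that is not part of the original message: a Python `smtplib` client that treats a missing STARTTLS offer as an error and verifies the certificate against the system CA store. The exception class, the function names and the local test server (which answers EHLO without STARTTLS) are constructed for illustration.

```python
import smtplib
import socket
import ssl
import threading


class StartTLSUnavailable(Exception):
    """The server, or someone answering in its place, did not offer STARTTLS."""


def open_verified_session(host, port, timeout=5.0):
    """Require STARTTLS and a CA-verified certificate; never fall back to plaintext."""
    context = ssl.create_default_context()  # CERT_REQUIRED plus hostname check
    smtp = smtplib.SMTP(host, port, local_hostname="client.invalid", timeout=timeout)
    try:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            raise StartTLSUnavailable(f"{host}:{port} did not advertise STARTTLS")
        smtp.starttls(context=context)  # raises ssl.SSLError on an untrusted certificate
        smtp.ehlo()  # capabilities seen before TLS are unauthenticated; ask again
        return smtp
    except BaseException:
        smtp.close()
        raise


def stripped_server():
    """Constructed local server whose EHLO reply lacks STARTTLS; returns its port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)

    def serve():
        conn, _ = listener.accept()
        with conn:
            conn.sendall(b"220 test.invalid ESMTP\r\n")
            conn.recv(1024)  # the client's EHLO
            conn.sendall(b"250-test.invalid\r\n250 SIZE 1000\r\n")
            conn.recv(1024)  # returns once the client hangs up
        listener.close()
    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()[1]


def demo():
    # True when the client refuses the session instead of continuing in plaintext.
    try:
        open_verified_session("127.0.0.1", stripped_server())
    except StartTLSUnavailable:
        return True
    return False
```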