top | item 18736862

(no title)

kevhito | 7 years ago

What is the difference between "the server I meant to communicate with" and a "server ... with authority to communicate on behalf of my intended peer"?

This seems like a distinction with no meaningful difference, outside of esoteric things like hardware-based attestation where you actually do want to identify a peer with the specificity of an actual physical piece of equipment. As soon as we introduce names that are not physically bound, we have a level of indirection that erases any distinction you were making.

discuss

badrabbit|7 years ago

The difference is that one is verified by trusting the peer while the other is verified by trusting a 3rd party. So trust is me-3rd party-them. As opposed to end to end where it is me-them.