open secure socket... using certificate

Richard Gaskin ambassador at
Mon Feb 1 16:01:20 EST 2021

Tom Glod wrote:

 > On Fri, Jan 29, 2021 at 1:09 AM Richard Gaskin wrote:
 >> The main benefit of encrypted sockets is to mitigate man-in-the-
 >> middle attacks.
 >> If you have a man in the middle of processes on a local computer that
 >> isn't you, it would seem you have bigger concerns. ;)
 > Hi Richard...the man in the middle attack is exactly the thing I was
 > thinking of.

It seems I didn't write clearly.

With localHost the man in the middle is you, or someone else with 
physical access to your computer (which is more or less the same thing).

Given the old adage that physical access  = root, I'm unable to think of 
a scenario in which encrypting localhost sockets is beneficial.  Am I 
overlooking something?  I'm no CISSP, so I may well be.

  Richard Gaskin
  Fourth World Systems
  Software Design and Development for the Desktop, Mobile, and the Web
  Ambassador at      

More information about the use-livecode mailing list