| ||
While we used Diffie-Hellman as an example, this is just as much of a problem with SSL/TLS because people dont understand what they need to do to achieve adequate authentication. Anytime the authentication can be compromised, a man-in-the-middle attack is possible. We focus on the SSL-related authentication problems in Sin 10.
Additionally, people who fall prey to this problem are usually building their own crypto systems, whether they know it or not. Such people are probably failing to do adequate traffic protection. (We cover this in Sin 8.)