On 04/02/2014 03:00, Bjoern Hoehrmann wrote: ... >> Again, with either PGP or S/MIME (and X.509) with a self-signed >> cert or key, authentication is not needed to start using >> encryption, only a (perhaps implicit) belief on the part of the >> sender that, if the recipient can advertise a public key, it >> probably has the private one and that the key-advertiser is not >> the proverbial entity-in-the-middle. > > Without entities in the middle, encryption is unnecessary. I'm having difficulty understanding that assertion.Does your definition of "entity in the middle" include passive wire/fibre taps? Brian