Answer two questions
1. Suppose you suspect that your session with a server has been intercepted in a man-in-the-middle attack. You have a key, K, that you think you share with the server, but you might be only sharing it with an attacker. But the server also has a public key, Kp, which is widely known, and a private secret key, Ks, that goes with it. Describe how you can either confirm you share K with the server or discover that you share it only with a man-in-the-middle. Also, be sure your solution will not be discovered by a packet sniffer. (10 points)
2. A common management requirement is that all external Web traffic must flow via the organizations Webs proxy. However, that requirement is easier stated than implemented. Discuss the various problems and issues, possible solutions, and limitations with supporting this requirement. In particular, consider issues such as identifying exactly what constitutes Web traffic and how it may be monitored, given the large range of ports and various protocols used by Web browsers and servers. (10 points)
