You make a interesting point in describing TACK as intrusion detection system. It makes sense against larger adversaries, while the MITM protection make more sense against smaller.
The question I have then is, what happen if look at TACK as an IDS. What is its false positive rate? Can it be lowered? Maybe it should inform the website owner as a way to inform both side of the communication that something eerie is happening.
The question I have then is, what happen if look at TACK as an IDS. What is its false positive rate? Can it be lowered? Maybe it should inform the website owner as a way to inform both side of the communication that something eerie is happening.