-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> not really... the MITM could try to use the both passwords immediately and
> fake the both other sides.
> If you dont have out-of-band means to verify the information from the peer
> node, you have a connection to the wrong node and only see the forged
> verification.
>
> good byte
Point taken.
> So far a node is *passive* and won't react upon reception of any unknown data.
> If we want to tell the user that the password has already been used, we
> would need to change that behaviour :/
>
> I'm not sure it's a good idea.
>
> NextGen$
Ok, i'm wrong, i'm sure of it now.
- Volodya
- --
http://freedom.libsyn.com/ Voice of Freedom, Radical Podcast
http://freeselfdefence.info/ Self-defence wiki
http://www.kingstonstudents.org/ Kingston University students' forum
"None of us are free until all of us are free." ~ Mihail Bakunin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFF7xx1uWy2EFICg+0RAqhhAJ9+HEYmNnIGJgOxOiCPBFd/vyEE5wCeNZ4R
QTfj/YMD+sbhXHvraBmnUY8=
=WcV4
-----END PGP SIGNATURE-----
