In short, you would lose authentication and guarantees of privacy
if you don't have each other's public keys, but it shouldn't
affect the connection in any way, even for anonymous access.
You totally ignore man-in-the-middle attacks, don't you?
I'm sorry, I was unclear in what I meant when I wrote that. When I
wrote "...but it shouldn't affect the connection in any way, even for
anonymous access.", I meant from a code point of view. The Monotone
source will see the (fake/anonymous/whatever you want to call it)
public keys, and use them the same way as if you had real keys and
real authentication. I make no guarantees about security without
authentication! ;)
Thanks,
Cem Karan
_______________________________________________
Monotone-devel mailing list
Monotone-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/monotone-devel
