Robert Banz wrote:
> I think it's a great idea, but the ability to fall back to something
> that's "reasonably secure" would be nice. There's also the approach ssh
> takes -- the first time you contact the server (ever) we store the
> server's "key", and keep it around. If something funky DOES happen at
> some point, you'll know somethin's wrotten...

This is referred to as "leap of faith" security and 'yes' this is the approach we will have to take. We can even do one better than SSH by providing a method of verifying the server key the first time authentication tokens are available.

Jeffrey Altman
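
The leap-of-faith scheme discussed in this message, with the later verification step, as an added example that is not code from the thread or from any project it concerns. The names `PinStore`, `check` and `confirm`, the JSON pin file and the SHA-256 fingerprint are assumptions; how the trusted fingerprint is obtained once authentication tokens exist is left to the caller.

```python
import hashlib
import hmac
import json
import os

class PinMismatch(Exception):
    """The presented or confirmed key differs from the stored pin."""

def fingerprint(key_bytes: bytes) -> str:
    return hashlib.sha256(key_bytes).hexdigest()

class PinStore:
    """Hypothetical per-user store of server key pins (not a real project API)."""

    def __init__(self, path):
        self.path = path
        self.pins = {}
        if os.path.exists(path):
            with open(path) as f:
                self.pins = json.load(f)

    def _save(self):
        tmp = self.path + ".tmp"
        with open(tmp, "w") as f:
            json.dump(self.pins, f)
        os.replace(tmp, self.path)  # atomic swap, no half-written pin file

    def check(self, server, key_bytes):
        """Return 'new', 'unverified' or 'verified'; raise if the key changed."""
        fp = fingerprint(key_bytes)
        pin = self.pins.get(server)
        if pin is None:  # first contact: the leap of faith
            self.pins[server] = {"fp": fp, "verified": False}
            self._save()
            return "new"
        if not hmac.compare_digest(pin["fp"], fp):
            raise PinMismatch(server)  # never overwrite the pin silently
        return "verified" if pin["verified"] else "unverified"

    def confirm(self, server, trusted_fp):
        """Compare the pin with a fingerprint fetched over an authenticated channel."""
        pin = self.pins[server]
        if not hmac.compare_digest(pin["fp"], trusted_fp):
            del self.pins[server]  # the first-contact key was not the real one
            self._save()
            raise PinMismatch(server)
        pin["verified"] = True
        self._save()
```

A caller would treat `new` and `unverified` as provisional trust and stop on `PinMismatch` rather than offering to re-pin.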
