On 2013-07-31 7:14 AM, Tony Arcieri wrote:
>
> The largest outstanding question is how you handle MitM attacks.
> Without another secure service to broker the connection, you need some
> way of verifying you're talking to who you expect.
>
> At the very least, this should require some kind of popup requesting
> users to somehow magically verify each other's public keys. In
> practice, I think this sort of approach doesn't work. People will
> always click yes. But if you cache their choice, it provides a sort of
> continuity of keys, so at least if they managed to get the connection
> set up securely once, it will be secure in the future.

Public key verification by end users never works. Come to think of it,
public key verification never works. I suggest zero knowledge password
proof, plus key continuity, and the application flags whether the
current key has ever been password checked, as OTR sort of does.

_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
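
An added example, not part of the original message or of any project's code: a sketch of the key continuity store suggested in the reply above, with a per-key flag recording whether that key was ever password checked. The class and method names are hypothetical, and the zero knowledge password proof itself is not implemented; its outcome is assumed to arrive as the boolean `proof_ok`.

```python
import hashlib
from enum import Enum


class Trust(Enum):
    NEW_UNVERIFIED = "first contact: key pinned, never password checked"
    PINNED_UNVERIFIED = "key matches pin, never password checked"
    PASSWORD_VERIFIED = "key matches pin, password checked at least once"
    KEY_CHANGED = "key differs from pin: possible MitM, do not proceed silently"


class KeyContinuityStore:
    """Pins one public key per peer and flags whether that key was ever password checked."""

    def __init__(self):
        self._pins = {}  # peer -> (fingerprint, password_checked)

    @staticmethod
    def _fp(public_key: bytes) -> str:
        return hashlib.sha256(public_key).hexdigest()

    def observe(self, peer: str, public_key: bytes) -> Trust:
        fp = self._fp(public_key)
        if peer not in self._pins:
            self._pins[peer] = (fp, False)  # trust on first use, flagged unverified
            return Trust.NEW_UNVERIFIED
        pinned_fp, checked = self._pins[peer]
        if pinned_fp != fp:
            return Trust.KEY_CHANGED  # the old pin stays; the new key is not adopted
        return Trust.PASSWORD_VERIFIED if checked else Trust.PINNED_UNVERIFIED

    def record_password_check(self, peer: str, public_key: bytes, proof_ok: bool) -> Trust:
        # proof_ok: assumed result of a zero knowledge password proof bound to public_key.
        if proof_ok:
            # The flag belongs to this exact key; a verified new key replaces the old pin.
            self._pins[peer] = (self._fp(public_key), True)
            return Trust.PASSWORD_VERIFIED
        return self.observe(peer, public_key)


def demo():
    """Constructed session history for one peer; keys are placeholder byte strings."""
    store = KeyContinuityStore()
    key_a, key_b = b"constructed-key-A", b"constructed-key-B"
    return [
        store.observe("alice", key_a),
        store.observe("alice", key_a),
        store.record_password_check("alice", key_a, True),
        store.observe("alice", key_b),
        store.record_password_check("alice", key_b, False),
        store.observe("alice", key_a),
    ]
```

The application would surface the returned state to the user on every connection, so an unverified pin is visibly different from a password-checked one.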
