On 18 November 2010 23:07, David Banes <[email protected]> wrote: > Cisco should sponsor/host it... >
A lonely picture of Dave hanging on some wall in the Cisco offices? I can see it now... Aaaaanyway... The problem I see with this is - when the admin changes the certs (e.g. they expire) - what next? We just blindly trust the new certs after dialback? Isn't there a risk that the MITM comes along, offers a new cert, and intercept the dialback verifications and acks it successfully? In SSH at least you get notified (quite loudly) that the server fingerprint has changed. Matthew
