I'm not clear on this and the document is a little vague, so perhaps I should be perusing the source, but if you don't protect against a serverkey MITM and you are supposed to update the serverkey any time a signature doesn't match up, couldn't an attacker just MITM you, produce a known bad signature, and then wait for you to request a serverkey from them?
That's true; transmission of the serverkey is not currently protected against MITM. How would you suggest to fix that?
As for perusing the source: the client behavior is not implemented yet, so there isn't really any source to check, yet.
Regards, Martin