Alaric Dailey <[EMAIL PROTECTED]> writes: >While I admit that PKI is flawed, I don't see anyway that PSK could used >effectively. > >How are PSKs going to be shared in a secure way? >are we talking about generating a new key for every connection? > if so how do you validate the key? > if not, how do you validate that the key hasn't been compromised by >someone who put up a phishing site?