Am 22.08.2008 um 19:12 schrieb Dave Cridland:
Average Joe compatible is, I suspect, using leap-of-faith, but anyway, yes, we absolutely can have a number of verification options, including, as I said in my previous message, something "which could look very, very like the SAS".
Uhm, what exactly do you understand by leap of faith? Like in SSH, that you accept the key the first time and it is remembered? I consider that very insecure. Doing that would be evil. An SAS would be better there IMO :).
-- Jonathan
PGP.sig
Description: This is a digitally signed message part
