I have a PublickeyAuthenticator, it is a pretty simple, I just check if a public key is valid.
I am just trying to verify this is all I need to worry about. Without knowing the details of ssl handshake, it struck me as odd to just compair two public keys. Obviously the server does not have the clients private key. Just looking for a little reassurance. ( that I can add to my javadoc ) Also, anyone interested in an Apache Shrio (getting out of the incubator soon ) PasswordAuthenticator/PublickeyAuthenticator impl? (maybe a sub project?) Thanks, -Brian
