[Security] About the Firefox 3 Security Dialog & others
js-xmpp-security at webkeks.org
Fri Aug 22 12:14:38 CDT 2008
Am 22.08.2008 um 19:12 schrieb Dave Cridland:
> Average Joe compatible is, I suspect, using leap-of-faith, but
> anyway, yes, we absolutely can have a number of verification
> options, including, as I said in my previous message, something
> "which could look very, very like the SAS".
Uhm, what exactly do you understand by leap of faith? Like in SSH,
that you accept the key the first time and it is remembered? I
consider that very insecure. Doing that would be evil. An SAS would be
better there IMO :).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080822/3c67cc68/attachment.pgp
More information about the Security