[Security] Gajim 0.12's E2E encryption UI -ssh keys

Johansson Olle E oej at edvina.net
Sat Aug 23 04:23:29 CDT 2008


23 aug 2008 kl. 11.01 skrev Dirk Meyer:

>> People just want to get things done.  If you say "verify this code"  
>> and you
>> show them the code, and the only options are to proceed with a  
>> verified code
>> or not proceed at all, then people are just going to lie to your  
>> software and
>> press "okay" (see SSH).
>
> Yes, I never check ssh keys on first connection. I only check stuff if
> the keys was changed later.

That's why there's now SSH clients that check DNS for the keyprint as  
well,
to have an extra layer of security. With normal DNS, this is just an  
addon,
kind of out-of-band check. With DNS security, it gets better.

/O


More information about the Security mailing list