[Security] Gajim 0.12's E2E encryption UI -ssh keys
pavlix at pavlix.net
Sat Aug 23 09:51:11 CDT 2008
On Sat, 23 Aug 2008 11:23:29 +0200
Johansson Olle E <oej at edvina.net> wrote:
> 23 aug 2008 kl. 11.01 skrev Dirk Meyer:
> >> People just want to get things done. If you say "verify this
> >> code" and you
> >> show them the code, and the only options are to proceed with a
> >> verified code
> >> or not proceed at all, then people are just going to lie to your
> >> software and
> >> press "okay" (see SSH).
> > Yes, I never check ssh keys on first connection. I only check stuff
> > if the keys was changed later.
> That's why there's now SSH clients that check DNS for the keyprint
> as well,
> to have an extra layer of security. With normal DNS, this is just an
> kind of out-of-band check. With DNS security, it gets better.
Do you really believe in DNS security?
Jabber & Mail: pavlix(at)pavlix.net
More information about the Security