[eganist]

The concern is less MITM and more a compromise of the server, but close enough. Check my parallel response to Omnipresent's comment.

[remy_]

Fair enough, whatever is the easiest for the attacker :). I'm checking Cyph and its "Trust On First Use" concept. Very interesting.

[eganist]

If you're dropping by defcon, you should catch the talk. There'll be very little focus on this mechanism specifically since we want to share a bunch of things people can actually freely use (and this isn't one of them), but you can catch Ryan afterwards and spark a conversation to find out more.