|
|
|
|
|
|
by copperfoil
1576 days ago
|
|
|
Yeah, there's no verification of a server's pubkey like ssh (which mostly is trust-on-first use), or a cert chain like tls.
This seems like a cool proof-of-concept. There are also a bunch of security properties that it fails in. |
|
|