On Wed, 09 Feb 2005 14:14:35 CST, Frank Knobbe said: > heh... nah, having John look at the cert and say "Yup, that's mine" is > enough of a trust-level for me. (On the other hand, if he says "Oh > shit!" then the verification step has served its purpose :) Unless we have a Schrodinger's Cat John who manifests itself twice, once saying "Yup" and once saying "Oh shit!". :) (Note that under some circumstances, an attacker spoofing a "Oh Shit!" can be useful... ;)
Attachment:
pgp00046.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html