[crazy][spam][crazy][spam] [thread for further deliberations regarding akash certs]
Undescribed Horrific Abuse, One Victim & Survivor of Many
gmkarl at gmail.com
Fri Jul 21 18:08:08 PDT 2023
On 7/21/23, Undescribed Horrific Abuse, One Victim & Survivor of Many
<gmkarl at gmail.com> wrote:
> -------------------------
> [to repeat the problem, when i reviewed the provider client and server
> code for akash (partial report linked in second reply to [crazy?]
> tagged thread on this list) i did not see them verifying the other
> party's certificates. [this means a malicious party could log in]. _i
> make many mistakes and see many things wrongly_. the server code
> really looks wrong. [my highly paranoid guess as to what is wrong is
> that the certificate verification code could have been excised.]]
[sorry, it's the client code, which i looked at more, that really
looks wrong to me, not the server code; the client code issue does not
provide for malicious log in.]
More information about the cypherpunks
mailing list