21 Jan
2014
21 Jan
'14
10:31 a.m.
On Tue, Jan 21, 2014 at 11:10:57AM +0100, Thomas von Dein wrote:
Because, usually with curve25519 both A and B had to exchange their public keys in advance to be able to communicate. The scheme above makes it a lot easier for users but is it sufficient securitywise?
the problem is you cannot be sure who the sender of the msg is, it might be a mitm. -- pgp: https://www.ctrlc.hu/~stef/stef.gpg pgp fp: FD52 DABD 5224 7F9C 63C6 3C12 FC97 D29F CA05 57EF otr fp: https://www.ctrlc.hu/~stef/otr.txt