[spec] Certificate trust

On Sun, 28 Feb 2021, Solene Rapenne wrote:

>>> I'm failing to see how TOFU can provide any security, especially if
>>
>> Does SSH provide any security?
>
> With ssh you can use https://en.wikipedia.org/wiki/SSHFP_record
> to improve the security for first connection.

We are using two different definitions of "security".

SSH, even without SSHFP, still provides security. The question is what is 
the threat model.

Mk

-- 
Martin Keegan, @mk270, https://mk.ucant.org/
