Hacker News new | past | comments | ask | show | jobs | submit login

You said that you are afraid of loosing users after a leak, which implies if you don't have to, you won't tell your users about the incident.



No. I said that changing the key, which must happen, will trigger a warning that will scare users away. Which is (partly) why no one uses SSH with non technical populations.


No, its that the fix is client side and painful. They can tell their users to fix it and they would rather leave than do it.


I thought users would be prompted to accept a new fingerprint. Am I missing something?


If by "prompted" you mean:

@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ IT IS POSSIBLE THAT SOMONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now!

Then, yes, users will be prompted in the scariest possible language.

Compare this with HTTPS/browsers, which care not a lick if a certificate/fingerprint is different, provided that the certificate is valid and the chain is trusted.


Which --coincidentally-- is exactly the problem with it.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: