Hi, I saw that you wrote:
> If an attacker were to control a rogue SSH server, then he would be better
> off submitting a perfectly valid signature instead of a malformed one, and we
> would log into it anyways. Hence, there is absolutely no security risk
> associated with the misuse of this function.

I would like to start by saying that I have no idea how it works. But I have to wonder why you call DSA_do_verify() if the result has no impact on the security. Did you consider a man in the middle attack, where the attacker could impersonate the 2 other parties and have full control over the connection?

Kurt
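To make the point of this exchange concrete, here is an added example (not code from the bug report or from the package under discussion) contrasting the two patterns: calling a verify routine and discarding its result, versus accepting the peer only when it returns exactly 1. OpenSSL's DSA_do_verify() really does return 1 for a valid signature, 0 for an invalid one and -1 on error; everything else below (stub_dsa_do_verify, stub_sign, the session digest and host key bytes, the demo_* functions) is a constructed stand-in that mirrors only that return contract and is not DSA.

```c
#include <stdio.h>
#include <string.h>

#define SIG_LEN 20  /* length of the constructed stand-in signature */

/* Constructed sample data: a session digest and a per-host "key". */
static const unsigned char SESSION_DGST[SIG_LEN] = {
    0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xaa,
    0xbb,0xcc,0xdd,0xee,0xff,0x01,0x02,0x03,0x04,0x05 };
static const unsigned char HOST_KEY[SIG_LEN] = {
    0x5a,0xa5,0x5a,0xa5,0x5a,0xa5,0x5a,0xa5,0x5a,0xa5,
    0x5a,0xa5,0x5a,0xa5,0x5a,0xa5,0x5a,0xa5,0x5a,0xa5 };

/* Stand-in "signing" used by the legitimate server. This is NOT DSA; it only
 * gives the verify stub something deterministic to compare against. */
static void stub_sign(const unsigned char *dgst, unsigned char *sig_out) {
    for (int i = 0; i < SIG_LEN; i++) sig_out[i] = dgst[i] ^ HOST_KEY[i];
}

/* Stand-in for the DSA_do_verify() return contract:
 *    1  signature is valid
 *    0  signature is well-formed but does not verify
 *   -1  error (malformed input, e.g. wrong length)
 * Only the contract is real; the arithmetic is the constructed stub above. */
static int stub_dsa_do_verify(const unsigned char *dgst, int dgst_len,
                              const unsigned char *sig, int sig_len) {
    unsigned char expected[SIG_LEN];
    if (dgst == NULL || sig == NULL || dgst_len != SIG_LEN) return -1;
    if (sig_len != SIG_LEN) return -1;   /* truncated or oversized signature */
    stub_sign(dgst, expected);
    return memcmp(sig, expected, SIG_LEN) == 0 ? 1 : 0;
}

/* Pattern the thread is about: verify is called, its result is thrown away,
 * and the host key is accepted unconditionally. Any bytes are accepted. */
static int accept_hostkey_ignoring_result(const unsigned char *sig, int sig_len) {
    (void)stub_dsa_do_verify(SESSION_DGST, SIG_LEN, sig, sig_len);
    return 1;
}

/* Corrected pattern: accept only when verify returns exactly 1. Both 0 (bad
 * signature) and -1 (error) are rejections; testing "rc != 0" would be wrong. */
static int accept_hostkey_checked(const unsigned char *sig, int sig_len) {
    int rc = stub_dsa_do_verify(SESSION_DGST, SIG_LEN, sig, sig_len);
    return rc == 1;
}

/* Scenarios exposed as functions so each outcome can be checked directly. */
int demo_legit_checked(void) {
    unsigned char s[SIG_LEN];
    stub_sign(SESSION_DGST, s);                  /* genuine server signature */
    return accept_hostkey_checked(s, SIG_LEN);
}
int demo_rogue_checked(void) {
    unsigned char s[SIG_LEN];
    memset(s, 0x41, SIG_LEN);                    /* rogue server: garbage bytes */
    return accept_hostkey_checked(s, SIG_LEN);
}
int demo_malformed_checked(void) {
    unsigned char s[3] = {1, 2, 3};              /* malformed: too short */
    return accept_hostkey_checked(s, 3);
}
int demo_rogue_ignored(void) {
    unsigned char s[SIG_LEN];
    memset(s, 0x41, SIG_LEN);
    return accept_hostkey_ignoring_result(s, SIG_LEN);
}
int demo_malformed_ignored(void) {
    unsigned char s[3] = {1, 2, 3};
    return accept_hostkey_ignoring_result(s, 3);
}

int main(void) {
    printf("checked:  legit=%d rogue=%d malformed=%d\n",
           demo_legit_checked(), demo_rogue_checked(), demo_malformed_checked());
    printf("ignored:  rogue=%d malformed=%d\n",
           demo_rogue_ignored(), demo_malformed_ignored());
    return 0;
}
```

The "ignored" variant accepts both the garbage and the malformed signature, which is exactly what lets an impersonating server or a man in the middle complete the connection; the checked variant rejects both, and treats the -1 error path the same as a bad signature.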