BridgeBum
@BridgeBum@lemmy.ml
This is a remote user, information on this page may be incomplete. View at Source ↗
- Comment on 2 years ago:
Marketing speak bends the truth? Say it ain't so!
- Comment on 2 years ago:
and this requires devices to exchange the shared private key which is inherently risky.
There is some risk, sure. I don't see how this would be any more risky than a TLS exchange. Obviously the exchange can be implemented badly, but if done correctly it seems like it would work with certs and send the key encrypted.
I think the bigger risk is the key sitting at rest on multiple devices, some of which are easily lost (cell phones) and could then compromise an account.