• p1mrx@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    What would stop a MITM attacker from replacing the key? The server can’t sign the key if it doesn’t know which domain the client is trusting.