security concern: key management flaw with silc-client

[mal content]

On 17/05/07, mal content <artifact.one at googlemail.com> wrote:
>   /verify_key Alice nickname_that_alice_is_using
>

I neglected to add that in the situation above, the client would
then be capable of doing this:

/verify_key Alice person_imitating_alice
*** Verification failed, person_imitating_alice is not 'Alice'
*** Key matches for 'Bob'.

Although that was probably already obvious...

MC