Clarify BRP Attack Vector

Do we assume or not assume that the public keys were exchanged through a secure channel? The following sentence seems to imply the former.

Thanks for this contribution @thomas. The intended meaning is something like this:

Ideally the public keys would be exchanged over a secure channel. But in reality the parties may not have a secure channel available, or may not understand which of the channels available to them are secure. So we don't assume that the keys have been exchanged over a secure channel. If the channel was not secure then the protocol is vulnerable to MITM attacks during the initial exchange of public keys.

added 1 commit

• df498d82 - Clarify Protocol limitation

Compare with previous version

added 1 commit

• 18c565c7 - Further clarify BRP Limitation

Compare with previous version

changed title from Fix Spec error (?) to Clarify BRP Attack Vector

Thanks @akwizgran , now I understand.

Maybe there is a way to make this more clear? I tried but I don't think I did well ...

But thanks already!

Looks great, thanks @thomas!

mentioned in commit 85b59df3

merged