From f763868f5e68c8f439212b4eb203d9626cfcbc7a Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Tue, 7 Jan 2025 14:39:06 -0400
Subject: [PATCH] comment

---
 ...omment_5_bb9d36eae53e3b1e806f8ae089aaf91a._comment | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 doc/todo/generic_p2p_socket_transport/comment_5_bb9d36eae53e3b1e806f8ae089aaf91a._comment

diff --git a/doc/todo/generic_p2p_socket_transport/comment_5_bb9d36eae53e3b1e806f8ae089aaf91a._comment b/doc/todo/generic_p2p_socket_transport/comment_5_bb9d36eae53e3b1e806f8ae089aaf91a._comment
new file mode 100644
index 0000000000..b87c43dac3
--- /dev/null
+++ b/doc/todo/generic_p2p_socket_transport/comment_5_bb9d36eae53e3b1e806f8ae089aaf91a._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""Re: comment 4"""
+ date="2025-01-07T18:29:44Z"
+ content="""
+> If the PSK were fully contained in the remote string then a third-party getting hold of that string could pretend to be the server 
+
+I agree this would be a problem, but how would a third-party get ahold of
+the string though? Remote urls don't usually get stored in the git
+repository, perhaps you were thinking of some other way.
+"""]]