I'm no security expert, and I know what I'm gonna say is bad, but I don't find host key verification to be the most important part of securing client tools like Cargo, rather the opposite, to me, it's the last thing you have to secure.<p>I believe the potential for attack only exists in a tiny specific case where the initial connection was trusted and successful, and an attacker goes through some trouble just to impersonate the server, when we forget one important thing, that the initial connection "trust" was extremely weak, like just prompt the user for confirmation, providing information that is shrugged off by 95% of users because they don't know what to check or what is expected of them. So MITM could happen in the initial connection, and host key verification would have achieved nothing.<p>But it's entirely possible that I've completely misunderstood this verification, because I've never really looked into it.