Once Alice has performed step 5 and everything checks out
she has a valid key for Bob that has been 'authenticated'
by proving knowledge of the secret.
If things had failed on Bob's end she had never received the
'vc-request-with-auth'.
The only thing that could go wrong now is her 'vc-confirm'
message not arriving to Bob. In that case they both could
already send encrypted messages to each other and the channel
would be secured. But on Bob's side the handshake would seem
unterminated because Bob can not be sure Alice received his
reply.
However adding another 'vc-confirm' message just switches
the problem around. Now Alice might be left in an open
confirmation process if Bob's 'vc-confirm' gets lost.
update: Actually i think 'vc-confirm' can be dropped entirely and we
end the process stating success on each device when we
know we have a verified key for the other person.
Once Alice has performed step 5 and everything checks out she has a valid key for Bob that has been 'authenticated' by proving knowledge of the secret.
If things had failed on Bob's end she had never received the 'vc-request-with-auth'.
The only thing that could go wrong now is her 'vc-confirm' message not arriving to Bob. In that case they both could already send encrypted messages to each other and the channel would be secured. But on Bob's side the handshake would seem unterminated because Bob can not be sure Alice received his reply.
However adding another 'vc-confirm' message just switches the problem around. Now Alice might be left in an open confirmation process if Bob's 'vc-confirm' gets lost.
update: Actually i think 'vc-confirm' can be dropped entirely and we end the process stating success on each device when we know we have a verified key for the other person.