
Security considerations

The ability to negotiate a common authentication mechanism between client and server is a feature of the authentication option that should be used with caution. When the negotiation is performed, no authentication has yet occurred. Therefore, each system has no way of knowing whether or not it is talking to the system it intends. An intruder could attempt to negotiate the use of an authentication system which is either weak, or already compromised by the intruder.
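The offer of mechanisms arrives before either side is authenticated, so a client should treat it as untrusted input. The following is an added example, not code from the original document: a client-side policy check that ignores the peer's ordering and refuses the connection instead of falling back. It assumes the type/modifier pairs of the Telnet AUTHENTICATION option (RFC 1416); `AUTH_PGP` is a placeholder value because the page gives no type code, and the function names are hypothetical.

```python
# Added example: fail-closed choice of an authentication type from a peer's offer.
# Constants follow RFC 1416 (assumed framing); AUTH_PGP is a hypothetical
# placeholder because the page does not state the PGP method's type code.
AUTH_NULL, AUTH_KERBEROS_V4, AUTH_KERBEROS_V5 = 0, 1, 2
AUTH_PGP = 0x7F        # placeholder value (assumption)
HOW_MUTUAL = 0x02      # AUTH_HOW_MASK bit: mutual authentication requested


class NegotiationRefused(Exception):
    """Raised when no offered mechanism satisfies the local policy."""


def parse_offer(body: bytes):
    """Split a SEND body (bytes between 'SB AUTHENTICATION SEND' and 'IAC SE')
    into (type, modifier) pairs."""
    if len(body) % 2:
        raise ValueError("truncated authentication-type-pair list")
    return [(body[i], body[i + 1]) for i in range(0, len(body), 2)]


def choose(body: bytes, allowed, require_mutual=True):
    """Pick the first mechanism, in *local* preference order, that was offered.

    The peer's ordering is ignored: the offer is unauthenticated, so it may
    have been reordered or trimmed by an intruder.
    """
    offered = parse_offer(body)
    for wanted in allowed:                      # local preference order
        for auth_type, modifier in offered:
            if auth_type != wanted:
                continue
            if require_mutual and not modifier & HOW_MUTUAL:
                continue                        # one-way variant: not acceptable
            return auth_type, modifier
    # Nothing acceptable was offered: refuse, never fall back to a weaker type.
    raise NegotiationRefused(f"offer {offered} rejected by policy")


if __name__ == "__main__":
    policy = [AUTH_PGP]                         # only the PGP method is acceptable
    # Constructed sample offers (not captured traffic).
    honest = bytes([AUTH_PGP, 0x02, AUTH_KERBEROS_V4, 0x02, AUTH_NULL, 0x00])
    stripped = bytes([AUTH_KERBEROS_V4, 0x02, AUTH_NULL, 0x00])  # PGP removed
    print(choose(honest, policy))
    try:
        choose(stripped, policy)
    except NegotiationRefused as exc:
        print("refused:", exc)
```
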

Most attacks are prevented by the PGP method, but one must be aware that a connection can be "taken over" by an active intruder just after the authentication has completed. This attack will be detected when the integrity option is enabled.

The man-in-the-middle attack will not succeed since the attacker does not know the secret keys of the client or server. Hence the attacker will not be able to create the correct signature on the response. Fake public keys will not be accepted, since every public key must have a trusted signature to be accepted. It is also possible to demand more than one trusted signature, if the system is very sensitive.

The PGP documentation [9, 10] contains more information on secure handling of keys in public-key cryptosystems.



Asgaut Eng
Wed Apr 10 14:07:30 MET DST 1996