[128822] in cryptography@c2.net mail archive
Re: The PKC-only application security model ...
daemon@ATHENA.MIT.EDU (Eric Rescorla)
Thu Jul 24 15:32:18 2008
Date: Wed, 23 Jul 2008 18:45:47 -0700
From: Eric Rescorla <ekr@networkresonance.com>
To: Thierry Moreau <thierry.moreau@connotech.com>
Cc: Anne & Lynn Wheeler <lynn@garlic.com>,
Cryptography List <cryptography@metzdowd.com>
In-Reply-To: <4887B162.8000301@connotech.com>
At Wed, 23 Jul 2008 17:32:02 -0500,
Thierry Moreau wrote:
>
>
>
> Anne & Lynn Wheeler wrote about various flavors of certificateless
> public key operation in various standards, notably in the financial
> industry.
>
> Thanks for reporting those.
>
> No doubt that certificateless public key operation is neither new nor
> absence from today's scene.
>
> The document I published on my web site today is focused on fielding
> certificateless public operations with the TLS protocol which does not
> support client public keys without certificates - hence the meaningless
> security certificate. Nothing fancy in this technique, just a small
> contribution with the hope to facilitate the use of client-side PKC.
DTLS-SRTP
(http://tools.ietf.org/html/draft-ietf-sip-dtls-srtp-framework-02,
http://tools.ietf.org/html/draft-ietf-avt-dtls-srtp)
uses a similar technique: certificates solely as a key
carrier authenticated by an out-of-band exchange.
-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
