[18352] in cryptography@c2.net mail archive
Re: Another entry in the internet security hall of shame....
daemon@ATHENA.MIT.EDU (James A. Donald)
Wed Aug 31 14:52:32 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
Date: Wed, 31 Aug 2005 10:08:08 -0700
In-reply-to: <43146BB3.9070007@st.cs.uni-sb.de>
From: --
From: Stephan Neuhaus
<neuhaus@st.cs.uni-sb.de>
> If I have understood the draft correctly, using PSKs
> means that the server and the client have a shared
> secret that they must communicate securely beforehand,
> and that they use some form of ZKP to assure the other
> party that they know that secret without revealing it.
>
> If that's indeed so, wouldn't this have key management
> and storage issues that PK was designed to prevent in
> the first place?
But does not, in fact, prevent.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
9DcDsP364D9PAHlb9SrTA4By8bWsJWYZxs8ZH9xB
4cQSP1xXUj2reoZ2icPXcJbFjGP6wBWfZQO13feDH
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
