[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: key management




"Avi Rubin" says:
> >2) Mutually distrustful users on a single host CANNOT be trusted to
> >know each others keys. Systems that use host keying conflate
> >different users cryptographic keys, making all sorts of unfortunate
> >attacks possible. Preventing seperate users from using each others
> >keys is necessary.
> 
> How do you propose for mutually suspicious users to use
> the same host? 

Let them use different keys for their traffic. Thats part of the IPng
spec. The key management we are developing is intended for use on both
platforms.

Perry


Follow-Ups: References: