[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on draft 03 of SKIP

To: chris.swanson@ssds.com (Chris Liljenstolpe)
Subject: Re: comments on draft 03 of SKIP
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Date: Sat, 28 Oct 1995 00:00:58 +0100 (MET)
Cc: pingn@jurassic.eng.sun.com, ipsec@ans.net, skip-info@tik.ee.ethz.ch, skip@tik.ee.ethz.ch, ashar@incog.com, markson@incog.com
In-Reply-To: <199510271738.AA16746@interlock.ans.net> from "Chris Liljenstolpe" at Oct 27, 95 12:32:01 pm

Chris Liljenstolpe wrote:
> >>   > Since there is nothing secret about DH public values, one natural way 
> >>   > to discover the relevant authenticated _public value_ is to distribute 
> >>   > these using a directory service.
> >> authenticated directory service ?
> >no authenticated _directory service_ is needed here.
> I disagree with this.  If I am receiving public keys from some directory
> service that I have decided to trust (I think that they take proper
> authentication actions, etc), I want to know that I am really talking to
> that directory service and not some mitm or imposter.

Hi Chris,
I thought we were talking about authenticated public values. I do not mind
who sends me the values, as long as I can trust one of the parties that
authenticated them, and I securely get the public key of such a party.

Did I oversee something?

Germano

References:

Re: comments on draft 03 of SKIP

From: "Chris Liljenstolpe (Swanson)" <chris.swanson@ssds.com>

Prev by Date: Re: comments on draft 03 of SKIP
Next by Date: Re: comments on draft 03 of SKIP
Prev by thread: Re: comments on draft 03 of SKIP
Next by thread: Re: comments on draft 03 of SKIP
Index(es):
- Main
- Thread