
Re: public key transfer problem.



Regardless of how you obtain a subject's public key, how do you know that
the public key you are about to use actually belongs to the intended
recipient?  I suggest that the only way any public key can be used is by
first having validated the key via a trusted third party in a formal web of
trust (Certificate Authority and PKI) or by direct communication with the
key owner for an informal web of trust (à la PGP).

Stu

At 2/10/99 04:32 PM, you wrote:
>>   In RFC 2409 (the IKE RFC), in section 5.2 (phase 1 Authenticated with
>> Public Key Encryption), it is said that "in order to perform the public
>> key encryption, the initiator must already have the responder's public
>> key."
>> 
>> My question is: how can one have the responder's (or vice versa,
>> initiator's) public key?
>
>Perhaps by prearrangement, e.g. transferring it by FTP.  Perhaps by
>getting it from a KEY record in a DNS entry (see RFC 2065).  Perhaps by
>talking to a key server of some other kind. 
>
>                                                          Henry Spencer
>                                                       henry@spsystems.net
>                                                     (henry@zoo.toronto.edu)
> 
==========================
Stuart Jacobs CISSP
Network Security
GTE Laboratories
40 Sylvan Road
Waltham, MA 02454
USA
telephone: (781) 466-3076
fax: (781) 466-2838
==========================

