Re: public key transfer problem.
Regardless of how you obtain a subject's public key, how do you know that
the public key you are about to use actually belongs to the intended
recipient? I suggest that the only way any public key can be used is by
first having validated the key via a trusted third party in a formal web of
trust (Certificate Authority and PKI) or by direct communication with the
key owner for an informal web of trust (à la PGP).
Stu
At 2/10/99 04:32 PM, you wrote:
>> In the RFC-2409 (the IKE RFC) in section 5.2 (phase 1 Authenticated with
>> Public Key Encryption) it is said that "in order to perform the public
>> key encryption, the initiator must already have the responder's public
>> key."
>>
>> My question is: How can one have the responder's (or vice versa,
>> initiator's) public key?
>
>Perhaps by prearrangement, e.g. transferring it by FTP. Perhaps by
>getting it from a KEY record in a DNS entry (see RFC 2065). Perhaps by
>talking to a key server of some other kind.
>
> Henry Spencer
> henry@spsystems.net
> (henry@zoo.toronto.edu)
>
==========================
Stuart Jacobs CISSP
Network Security
GTE Laboratories
40 Sylvan Road
Waltham, MA 02454
USA
telephone: (781) 466-3076
fax: (781) 466-2838
==========================
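
As an added illustration of the point made in this message (not part of the original post and not taken from RFC 2409): a key fetched over an unauthenticated channel such as FTP or DNS is accepted only if its fingerprint matches one obtained directly from the key owner. The peer name, the sample key bytes and the use of SHA-256 are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import re


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armor and decode the base64 body (raises ValueError if malformed)."""
    body = re.sub(r"-----(BEGIN|END) [A-Z ]+-----|\s", "", pem)
    return base64.b64decode(body, validate=True)


def fingerprint(pem: str) -> str:
    """SHA-256 over the decoded key bytes, as lowercase hex."""
    return hashlib.sha256(pem_to_der(pem)).hexdigest()


def normalize(fp: str) -> str:
    """Accept 'AB:CD:...' or 'abcd...', as read over the phone or off a card."""
    return re.sub(r"[^0-9a-f]", "", fp.lower())


def key_is_trusted(peer: str, fetched_pem: str, pinned: dict) -> bool:
    """Fail closed: unknown peer, malformed key or mismatch all return False."""
    expected = pinned.get(peer)
    if expected is None:
        return False
    try:
        actual = fingerprint(fetched_pem)
    except ValueError:
        return False
    return hmac.compare_digest(actual, normalize(expected))


def to_pem(der: bytes) -> str:
    b64 = base64.b64encode(der).decode()
    return "-----BEGIN PUBLIC KEY-----\n" + b64 + "\n-----END PUBLIC KEY-----\n"


def colon_format(hexfp: str) -> str:
    return ":".join(hexfp[i:i + 2] for i in range(0, len(hexfp), 2)).upper()


# Constructed sample data, not real keys.
SAMPLE_KEY = to_pem(bytes(range(64)))        # key the owner actually holds
SWAPPED_KEY = to_pem(bytes(range(1, 65)))    # different key substituted in transit
# Fingerprint as confirmed directly with the key owner (hypothetical peer name).
PINNED = {"responder.example": colon_format(fingerprint(SAMPLE_KEY))}

if __name__ == "__main__":
    for label, pem in (("fetched", SAMPLE_KEY), ("substituted", SWAPPED_KEY)):
        print(label, key_is_trusted("responder.example", pem, PINNED))
```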