[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Secret public keys

To: David Chen <dchen@indusriver.com>
Subject: RE: Secret public keys
From: Stephen Kent <kent@bbn.com>
Date: Fri, 23 Jul 1999 18:36:18 -0400
Cc: Stephen.Waters@cabletron.com, dpj@IntegritySciences.com, ipsec@lists.tislabs.com, ietf-ipsra@vpnc.org
In-Reply-To: <3770797500008EFC@mcfeeley.indusriver.com> (added bymcfeeley.indusriver.com)
References: <3.0.5.32.19990723134652.00812070@world.std.com><29752A74B6C5D211A4920090273CA3DCA868AF@new-exc1.ctron.com>
Sender: owner-ipsec@lists.tislabs.com

,
 Chen wrote:
>I thought we like the public key as "public" as possible. (so that to
>prevent attack)
>How can someone want a "secret" for "public" key ?
>If it is secret, then it is private.
>Don't you agree?

No. Making a public key public does nothing to improve its security.  We're
not talking about algorithms here.  Public keys are public to facilitate
verification of signatures, encryption, etc.  However, one can choose to
not disclose a public key to everyone, but rather to disclose it only to a
selected set of peers if the application context supports that.
Authentication in a closed system is an example of such a context.

Steve

References:

RE: Secret public keys

From: David Jablon <dpj@world.std.com>

RE: Secret public keys

From: "Waters, Stephen" <Stephen.Waters@cabletron.com>

Prev by Date: Re: XAUTH is broken
Next by Date: Re: Aggressive mode fallback to main mode
Prev by thread: RE: Secret public keys
Next by thread: RE: Secret public keys
Index(es):
- Main
- Thread