[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: identity protection and DOS
On Mon, 26 Nov 2001, Michael Thomas wrote:
> If you allow for pre-shared keys, then it clearly
> requires an extra message or two.
"If I hit myself on the head with a hammer, it hurts."
The fix is obvious: sort out some simple zero-infrastructure
authentication approach -- manually-shared raw public keys, simple
self-signed certificates, whatever -- and forget shared secrets.
Henry Spencer
henry@spsystems.net
References: