[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI: identity protection and DOS



On Mon, 26 Nov 2001, Michael Thomas wrote:
>    If you allow for pre-shared keys, then it clearly 
>    requires an extra message or two.

"If I hit myself on the head with a hammer, it hurts."

The fix is obvious: sort out some simple zero-infrastructure
authentication approach -- manually-shared raw public keys, simple
self-signed certificates, whatever -- and forget shared secrets. 

                                                          Henry Spencer
                                                       henry@spsystems.net



References: