[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI: identity protection and DOS



"Steven M. Bellovin" <smb@research.att.com> writes:

> You misunderstand.  I'm suggesting that whatever secure channel could 
> be used to share a symmetric key could be used to share a public key.  
> If you can't trust that channel, you can't use pre-shared secrets, 
> either.

To play devil's advocate, you can (relatively-) easily share a
secret via voice and telephone.  Sharing a public key via telephone
is much more challenging.

OTOH, one could send the public key via email and then vocally
exchange a hash of the key, so I suppose it's six or one-half
dozen....

> 		--Steve Bellovin, http://www.research.att.com/~smb
> 		Full text of "Firewalls" book now at http://www.wilyhacker.com

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available


Follow-Ups: References: