[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI QUESTIONS: 2.3 Perfect forward secrecy (PFS)
On Thu, 20 Jun 2002, Paul Koning wrote:
> > They migrate from distributing opaque blobs of hex digits that must be
> > kept private to distributing opaque blobs of base64 digits that do not
> > benefit from staying private, but it doesn't hurt them either.
> > Can they tell the difference? The length is a bit longer.
>
> A LOT longer. Long enough that -- unlike preshared keys -- you cannot
> enter them manually.
Although, as has been noted before, it's quite conceivable to generate RSA
keys from preshared keys in some standard, systematic way. There are two
separate issues here: the bits on the wire, and the user interface.
Wanting a simple shared-secret user interface doesn't mean it has to be
reflected in the on-the-wire protocol.
> > Everyone please repeat: PK does not require I to be useful.
>
> True. But PK, even if all you ever use is selfsigned certs, still
> needs a lot more near-incomprehensible concepts than preshared keys
> do.
How many are required if all you ever use is RSA keys? (PK does not
require certificates either -- they are an artifact of the "I" part.)
Henry Spencer
henry@spsystems.net