[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SPKI signing keys only
> From: firstname.lastname@example.org (David P. Kemp)
> > So, let me say again, SPKI should _never_ provide key establishment, and
> > this should be clearly stated.
> Fine with me. But if SPKI certs can never be used with Photuris or
> ISAKMP/Oakley or TLS, the working group should clearly state that intention
> so that communication protocol designers don't have to worry about handling
> SPKI certs.
Obviously, we are writing in different languages, or someone is being
SPKI Identifications can indeed be used with Photuris, Oakley, and/or
TLS -- for Authentication purposes only.
SPKI keys should not be used for "key establishment". That is,
encrypting a session-key directly.
Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Key fingerprint = 2E 07 23 03 C5 62 70 D3 59 B1 4F 5E 1D C2 C1 A2