IETF-SSH archive


Re: draft-igoe-secsh-x509v3-00



On Thu, Nov 19, 2009 at 08:06:58PM -0500, Jeffrey Hutzelman wrote:
> --On Thursday, November 19, 2009 01:11:43 PM -0700 Joseph Galbraith 
> <galb-list%vandyke.com@localhost> wrote:
> 
> >If I'm not mistaken, all current key exchange algorithms
> >(all derivatives of Diffie-Hellman) only require digitalSignature,
> >since the hostkey isn't actually used during the key agreement
> >stage.  Does that sound correct?
> 
> Yes, I believe that's currently true.

Right.  RFC4432 introduced RSA key transport, but hosts are still
authenticated via public key signatures.

Nico
-- 


