On the Sun, Sep 17, 2006 at 11:33:22AM +0200, Michael Naef blubbered: > Hi Daniel > > On 9/17/06, Daniel Lorch <[EMAIL PROTECTED]> wrote: > [..] > >Are you sure? Isn't that exactly the point of asymmetric cryptography? > >The way I see it, TLS and SSL work like this (analogous to PGP): > > [1.2.3.] > > Almost. The asymetric encryption is only used to negotiate a symetric > session key between the peers for various reasons.
Mostly it's performance reasons. SSH (which uses SSL as well) does the same. The session key is renewed frequently, default of OpenSSH is 3600 Seconds (1 hour) I'm not sure whether session keys are only negotiated over asymmetric encryption initially or at renewal too. Anyone can clarify this? CU, Ventilator -- Martin Ebnöther, [EMAIL PROTECTED] http://www.semmel.ch/ Videogamer, Techno Musician, Gourmet, R-Typer, Beer drinker, Lefty Symlinker, Playstationeer, Chilihead, Honda driver, Paranoia GM This space for rent. Call 0800-Semmel-Ads _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
