> In attempting to solve the hard problem, it fails to make
> provision for solving the easy problem.
That's a deployment issue, not a technical issue. D-H key exchange, for
example, would be just fine. It just so happens that the SSL creators had
a particular business goal in mind: e-commerce, with a "certificate"
re-assuring the nervous customer that they were handing their credit card
to jcrew.com, not, jscrew.com. Yes, SSL was invented to solve a
particular problem. They did a reasonable job at it.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
