>>>>> "Tim" == Tim Shepard <[EMAIL PROTECTED]> writes:
Tim> Sam said:
>> No. opportunistic encryption means I have retrieved a key or
>> cert for the other party, but do not know whether it is
>> actually the right cert.
Tim> If the key is retrieved from the other end of a TCP
Tim> connection (like vanilla ssh works the first time), is that
Tim> included within the definition of "opportunistic encryption"?
Yes.
Note that for at least one of the uses of anonymous ipsec you
specifically don't want this behavior because you specifically don't
want people to cache keys in an ssh known_hosts style. For other uses
you would want this behavior.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
