>> -----Original Message-----
>> From: Eric Rescorla [mailto:[EMAIL PROTECTED] 
>> Sent: Wednesday, December 01, 2004 7:01 AM
>> Cc: Ben Nagy; [EMAIL PROTECTED]
>> Subject: Re: SSL/TLS passive sniffing
>> "Ian Grigg" <[EMAIL PROTECTED]> writes:
> [...]
>> > However could one do a Diffie Hellman key exchange and do this
>> > under the protection of the public key? [...]
>> Uh, you've just described the ephemeral DH mode that IPsec
>> always uses and SSL provides.
>> Try googling for "station to station protocol"
>> -Ekr
> Riiiiight. And my original question was, why can't we do that one-sided with
> SSL, even without a certificate at the client end? In what ways would that
> be inferior to the current RSA suites where the client encrypts the PMS
> under the server's public key.

Just to be completely clear, this is exactly whatthey 
TLS_RSA_DHE_* ciphersuites currently do, so it's purely a matter
of configuration and deployment.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to