"Perry E. Metzger" <[EMAIL PROTECTED]> writes: >> SSL involves digital certificates. > >Not really, James Donald/George W. Bush. It involves public keys, and it >provides a channel by which X.509 certificates can be exchanged,
Actually it doesn't even require X.509 certs. TLS-SRP and TLS-PSK provide mutual authentication of client and server without any use of X.509. The only problem has been getting vendors to support it, several smaller implementations support it, it's in the (still unreleased) OpenSSL 0.99, and the browser vendors don't seem to be interested at all, which is a pity because the mutual auth (the server has to prove possession of the shared secret before the client can connect) would significantly raise the bar for phishing attacks. (Anyone have any clout with Firefox or MS? Without significant browser support it's hard to get any traction, but the browser vendors are too busy chasing phantoms like EV certs). >> The particular digital certificate format necessarily imply a PKI >> structure > >No, James Donald/George W. Bush, that's not even remotely true. There is no >requirement that you use the certs as anything other than key containers. There's actually no requirement that you use certs at all. In fact if everyone dropped them (i.e. stopped pretending that they work and moved towards something that does) we might all be a whole lot better off. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]