At Mon, 04 Feb 2008 14:29:50 +1000,
James A. Donald wrote:
>
> James A. Donald wrote:
> >> I have figured out a solution, which I may post here
> >> if you are interested.
>
> Ian G wrote:
> > I'm interested. FTR, zooko and I worked on part of
> > the problem, documented briefly here:
> > http://www.webfunds.org/guide/sdp/index.html
>
> I have posted "How to do VPNs right" at
> http://jim.com/security/how_to_do_VPNs.html
>
> It covers somewhat different ground to that which your
> page covers, focusing primarily on the problem of
> establishing the connection.
>
>     "humans are not going to carry around large
>     strong secrets every time either end of the
>     connection restarts. In fact they are not going
>     to transport large strong secrets any time ever,
>     which is the flaw in SSL and its successors such
>     as IPSec and DTLS

This paragraph sure is confused.

1. IPsec most certainly is not a successor to SSL. On the
   contrary, IPsec predates SSL.

2. TLS doesn't require you to carry around strong secrets.
   I refer you to TLS-SRP [RFC 5054].

3. For that matter, even if you ignore SRP, TLS supports
   usage models which never require you to carry around
   strong secrets: you preconfigure the server's public
   key and send a password over the TLS channel. Since
   this is the interface SSH uses, the claim that humans
   won't do it is manifestly untrue.

-Ekr

---------------------------------------------------------------------
The Cryptography Mailing List