At Wed, 23 Jul 2008 17:32:02 -0500, Thierry Moreau wrote: > > > > Anne & Lynn Wheeler wrote about various flavors of certificateless > public key operation in various standards, notably in the financial > industry. > > Thanks for reporting those. > > No doubt that certificateless public key operation is neither new nor > absence from today's scene. > > The document I published on my web site today is focused on fielding > certificateless public operations with the TLS protocol which does not > support client public keys without certificates - hence the meaningless > security certificate. Nothing fancy in this technique, just a small > contribution with the hope to facilitate the use of client-side PKC.
DTLS-SRTP (http://tools.ietf.org/html/draft-ietf-sip-dtls-srtp-framework-02, http://tools.ietf.org/html/draft-ietf-avt-dtls-srtp) uses a similar technique: certificates solely as a key carrier authenticated by an out-of-band exchange. -Ekr --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
