-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Another argument is “minimal dependency.” If you use public key, you depend on both the public key algorithm, to establish the key, and the symmetric key algorithm, to protect the session. If you just use symmetric key, you depend on only one algorithm.
Of course, that means getting pair-wise shared secrets, and protecting them. Whether that’s harder or more fragile than maintaining a key ring is a matter of debate. It is probably more robust than relying on CA. - -- Christian Huitema -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (MingW32) Comment: Using gpg4o v3.1.107.3564 - http://www.gpg4o.de/ Charset: utf-8 iQEcBAEBAgAGBQJSK32sAAoJELba05IUOHVQYEQH/iugLUvpdwZoNbtZCXFoB4O8 yP+h6RdcKIraCZww/vrUeXYodfqn9AHWHfQmf0Gx6VlEpXMasJqi8DMR4Fyy4iAk kq5GfuGITBZjeN3gW2Xf20wK0P5nFCgD0sK0sDwuYVZmx6K5Qc4uFt4VNooCoewe rDk48vMRkJnz409M0YXU6Fnxrl7Tm0Tuk513HwAJjNetO1OLH7vznP+iGkZjdbxp CzGuqZuEFwl2gm7TT0I+sciTRoRiVSBmNu+fxNOai9bo2vMUG4eVjSLX+mqRcAbe fVmpSCf9BcA01DLUlRgHityfM9HzdEbQKjdX8QvT4YCI6X7wZ21zTKB2G8ISiwI= =d5yn -----END PGP SIGNATURE-----
Another argument is “minimal dependency.” If you use public key, you depend on both the public key algorithm, to establish the key, and the symmetric key algorithm, to protect the session. If you just use symmetric key, you depend on only one algorithm. Of course, that means getting pair-wise shared secrets, and protecting them. Whether that’s harder or more fragile than maintaining a key ring is a matter of debate. It is probably more robust than relying on CA. -- Christian Huitema |
PGPexch.htm.sig
Description: Binary data
_______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
