On Mon, Aug 07, 2000 at 10:48:26AM +0100, Michael ROGERS wrote: > >KSKs are equal to KHKs. They just arent forgable. We most certainly have > >guessable keys. > > If KSK are guessable, they are forgable. See my post to freenet-tech for > details.
You misunderstand. What I meant by forgeable is, without knowledge of the plaintext keyword used to create the KSK, a node cannot return bogus data on a request. KHKs because they were unverified, were suceptible to an attack where a node modified the data it returned on a request. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000807/370de26a/attachment.pgp>
