> What happened to Diffie-Hellman? Last I heard, its whole point was > to enable secure communication, protected from both eavesdropping > and MIM attacks, between systems having no prior trust relationship > (e.g. any sort of pre-shared secret). What stops the server and > client from establishing a Diffie-Hellman session and using it to > perform the key exchange?
I am not expert in cryptography, but logic tends to tell me that is I have no prior knowledge about the person I am about to talk to, anybody (MIM) could pretend to be that person. The pre-shared information need not to be secret (key fingerprints are not secret), but there is need for pre-shared trusted information. Bests, Olivier _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"