Date sent: Tue, 20 Mar 2001 16:22:53 -0800
Subject: Re: How can I encrypt public key in handshake?
From: "corky peavy" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Send reply to: [EMAIL PROTECTED]
Again, if you are looking for a "username/password" style
authentication method, take the following URL:
http://srp.stanford.edu
It may not make the god almighty security experts happy, but it
beats the hell out of using username/password in the clear. Gee, I
wonder if its true that the vast majority of companies worldwide still
use the plaintext password method? Besides, I don't know of any
method in use today that prevents someone very determined to
intercept communications links successfully.
Ken
> This kind of ad hoc
> thinking by amateurs never results in a protocol worthy of deployment.
>
> The whole concept of encrypting public keys is ludicrous, and it
> doesn't matter what the answers are when you're asking the wrong
> questions.
> ______________________________________________________________________
>
Actually, I agree, but in the abscence of other solutions....
If there is a well thought out solution, that would certianly serve the
security requirement better. Is there such a thing, other than the drafts
that are still just getting started?
__________________________________________________
FREE voicemail, email, and fax...all in one place.
Sign Up Now! http://www.onebox.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
__________________________________________________
Support
InterSoft International, Inc.
Voice: 888-823-1541, International 281-398-7060
Fax: 888-823-1542, International 281-560-9170
[EMAIL PROTECTED]
http://www.securenetterm.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
