On 12 Jan 2000, Niels M�ller wrote:
> "Eric J. Schwertfeger" <[EMAIL PROTECTED]> writes:
>
> > On 12 Jan 2000, Niels M�ller wrote:
> >
> > fixed. Wasn't sure about that, not having gone over the actual protocol.
> > That makes more sense than what I was envisioning, because what I was
> > envisioning wouldn't work if the user didn't have a key pair.
>
> Actually, ssh-1 uses RSA in encryption mode, rather than DH and a
> signature. Likewise for the (most common) operation with SSL. To do
> this, the client chooses a random session key, encrypts it with the
> server's public key, and sends it over. The server (and *only* the
> right server) can decrypt this to get the session key.
Probably where I got the idea then. I've got an overview of cryptography
technology, but I never went into depth with it, because there isn't a
point. I'd be limited to a program that couldn't leave the US/Canada area
because of stupid crypto laws that don't achieve what they intend to
anyway, and I'll cut the rant short there.
