Steven M. Bellovin wrote:
Let me point folk at http://www.securityfocus.com/news/5654
for a related issue. To put it very briefly, *real* authentication is
hard.
It may be that real authentication is hard, but the unbelievably sloppy
practices of domain name registrars doesn't prove the case.
martin f krafft writes:
My point was that some commercial vendors (Check Point and others)
claim, that if two partners want to perform a DH key exchange, they
may use their two public keys for g and p. This, in effect, would
mean that g and p were not globally known, but that the public keys