On Tue, Aug 19, 2008 at 10:41 AM, Jonathan Schleifer <[EMAIL PROTECTED]> wrote: > Another problem that came to mind was: > > Every client needs its own key. How to do that on mobile devices? Could > be difficult to get a cert from a CA there.
I certainly agree that this is a problem, but I don't think anyone is suggesting that. I had always assumed that if you were in a cert-based system like TLS, the clients would generate self-signed certs purely for use as a key transport mechanism (see DTLS-SRTP as an example of a system that does this.) -Ekr
