Hadriel Kaplan wrote: > Cool. So if I understand this right (and I probably don't), ignoring > rfc4474 identity and IBS for a moment and instead thinking about SRTP > and IBE: I could use IBE to encrypt the security-descriptions > attribute value using the intended target's SIP URI as a key, and > only someone owning that URI (and sharing the same KG) or the KG > itself could decrypt it to learn the sec-desc cleartext to use?
Actually, there are partial-key models where the KG couldn't decrypt it either. There are modes of operation that allow the full private key to be a product of a secret (retained by the user) and the output of the PKG. Hence you need to know both parts to decrypt or sign a message. > -hadriel p.s. the KG would actually be a problem for IBE, wouldn't > it? I mean the KG can always decrypt it. (at which point they would > be the Key Generator Backdoor - aka, the KGB ;) Yep. Early IB systems worked as you describe. But they don't HAVE to work that way. -- Dean _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
