On 02.10.2008 at 19:58, Dave Cridland wrote:

> Asymmetric authentication in esessions is only possible if the SAS code is transferred over a channel which, itself, provides only asymmetric authentication. The SAS mechanism itself is symmetric, but can only prove the security equivalence of the two channels, thus if the SAS side-channel has asymmetric properties, then so does the esession itself.

This has nothing to do with asymmetric or symmetric. The other side, say the police, could tell me their SAS. Then I can silently verify them or not. They never know if I verified them. They never know if the SAS matched. Thus one-sided verification IS possible.

> So if you are providing other people with the SAS code for the esession via, say, a web page, then because all they can say about the web page is that you have some control of it, all they can say about the esession is that it belongs to someone with control of the web page.

You clearly didn't get the concept of an SAS. You can't put an SAS on a web page as that's different with every session.

> To get a side-channel that proves your identity entirely without disclosing anything about the other end would be quite tricky, and in fact the only one that springs to my mind is using a CA-signed certificate and a TLS session, and given that arrangement, it seems most useful to just use that for communications.

You disclose nothing with the SAS - it's different for every session and you don't even have to tell them if it matched or not.

> However, you're correct in as much as it is possible to do.

At least we agree here :).

--
Jonathan
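A constructed Python sketch of the argument above (added here; it is not esessions code and the random session keys merely stand in for the Diffie-Hellman result): the SAS is derived from the per-session key, verification is a purely local comparison that sends nothing back, and an interceptor holding a different key on each leg yields a different SAS on each side, which is all the "channel equivalence" the SAS can prove.

```python
import hashlib
import secrets

# Constructed illustration of the SAS discussion; not esessions code.
# A fresh random 32-byte key stands in for the agreed Diffie-Hellman secret.
SAS_DIGITS = 6


def derive_sas(session_key: bytes, digits: int = SAS_DIGITS) -> str:
    """Short Authentication String: a truncated hash of this session's key.
    The key is fresh per session, so the SAS is too: it cannot be published
    ahead of time (e.g. on a web page) and reveals nothing reusable."""
    h = hashlib.sha256(b"SAS|" + session_key).digest()
    return f"{int.from_bytes(h[:4], 'big') % 10**digits:0{digits}d}"


def silent_verify(my_sas: str, sas_read_out_by_peer: str) -> bool:
    """One-sided check: compare locally and transmit nothing. The peer never
    learns whether we verified at all, nor whether the strings matched."""
    return secrets.compare_digest(my_sas.encode(), sas_read_out_by_peer.encode())


def honest_session() -> tuple[str, str]:
    """Both ends hold the same session key, hence compute the same SAS."""
    key = secrets.token_bytes(32)
    return derive_sas(key), derive_sas(key)


def intercepted_session() -> tuple[str, str]:
    """An active interceptor ends up with a separate key per leg, so the two
    ends hold different keys and (barring a 1-in-10^6 collision) their SAS
    values differ: the SAS proves the two channels are the same channel."""
    key_with_alice = secrets.token_bytes(32)
    key_with_bob = secrets.token_bytes(32)
    return derive_sas(key_with_alice), derive_sas(key_with_bob)


if __name__ == "__main__":
    for label, session in (("honest", honest_session), ("intercepted", intercepted_session)):
        mine, theirs = session()
        verdict = "match" if silent_verify(mine, theirs) else "MISMATCH"
        print(f"{label}: {mine} vs {theirs} -> {verdict}")
```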
