Am 06.10.2008 um 11:17 schrieb Dave Cridland:
Right, you'd ideally need a SIGMA-I, no SAS at all, and some method for verifying the police's public key. But since the esession protocol provides no method for doing that short of transferring the entire public key using a side-channel, I'm not entirely convinced it helps much beyond moving the problem about, and using a big chunk of static data with no agreement on implementation instead of a short variable string.
ESessions also offers public keys.Btw, why do you come up with ESessions in a thread that isn't about them? I thought we already had that flamewar? Is it necessary to start it again?
So what you're saying there, then is that the SAS exchange is worthless, because there's no way for me to prove that, once I've given you a SAS code, whether or not it matched, irregardless of whether or not the other party continues, and therefore whether or not the session is secure.
Why is it worthless? If I talked to the other person on the phone for example and let him tell me his SAS and it matches mine, I know that he's the person I think he is. He knows it's me because he talked to me on the phone and I assured him to have the same SAS.
Under what circumstances, in your opinion, does exchanging a SAS code for a session prove anything at all, and what does it prove?
See above. -- Jonathan
PGP.sig
Description: This is a digitally signed message part
