potential new IETF WG on anonymous IPSec

Hadmut Danisch hadmut at danisch.de
Tue Sep 14 05:55:41 EDT 2004


On Mon, Sep 13, 2004 at 02:41:21PM -0400, Sam Hartman wrote:
> 
>     >> No.  opportunistic encryption means I have retrieved a key or
>     >> cert for the other party, but do not know whether it is
>     >> actually the right cert.
> 
>     Tim> If the key is retrieved from the other end of a TCP
>     Tim> connection (like vanilla ssh works the first time), is that
>     Tim> included within the definition of "opportunistic encryption"?
> 
> Yes.
Be careful. I believe that this is not that simple. It depends on
what you use the key for.

If it is used for encryption, then something like "opportunistic
encryption" exists. After all, using an unverified key for encryption
is still no worse than using no encryption. So even if the key might
be the attacker's, nothing is lost compared to plain
communication.

But avoiding faked TCP resets is also a matter of authenticity.

Does "opportunistic authentication" exist?
regards
Hadmut

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
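An added illustration of the distinction raised above: encryption under an unverified key versus authentication under one. This is editor's code, not code from the thread, from Hadmut, or from any IPsec implementation; the DH group, the SHA-256 counter-mode "cipher", the HMAC tag and the "RST" control message are toys chosen for readability, and the three scenarios (passive eavesdropper, active man-in-the-middle, forged reset) are constructed in-process. It shows what the model predicts: an unauthenticated exchange defeats a passive listener and costs nothing against an active one, while rejecting a forged reset needs a key the receiver can trust, which an unverified key only provides against an attacker who was absent at first contact.

```python
"""Toy model: 'opportunistic encryption' (unauthenticated Diffie-Hellman) vs.
a passive eavesdropper, an active man-in-the-middle, and a forged 'reset'.
Everything here is illustrative; the group, cipher and messages are not IPsec."""
import hashlib
import hmac
import secrets

# Toy DH group (a Mersenne prime, fixed generator). Illustrative only;
# a real deployment uses a standard MODP group and a real AEAD.
P = 2**127 - 1
G = 3


def kdf(shared_secret: int, label: bytes) -> bytes:
    """Derive a 32-byte session key from a DH shared secret."""
    return hashlib.sha256(label + shared_secret.to_bytes(16, "big")).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream cipher with SHA-256 as the PRF. Encrypt == decrypt."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


class Party:
    """One endpoint holding an ephemeral DH key pair."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.priv = secrets.randbelow(P - 3) + 2  # exponent in [2, P-2]
        self.pub = pow(G, self.priv, P)
        self.key = None  # session key, set once a peer public value arrives

    def derive(self, peer_pub: int) -> None:
        # 'Opportunistic': whatever public value arrived is used, unverified.
        self.key = kdf(pow(peer_pub, self.priv, P), b"session")


def passive_eavesdropper() -> tuple:
    """Eve sees both public values and the ciphertext but has no private key.
    Returns (bob_reads_plaintext, eve_reads_plaintext)."""
    alice, bob = Party("alice"), Party("bob")
    alice.derive(bob.pub)
    bob.derive(alice.pub)
    ct = stream_xor(alice.key, b"hello bob")
    # Eve's best effort from public data alone: hash the product of the public
    # values. That is g^(a+b), not g^ab, so her 'plaintext' is garbage.
    eve_key = kdf((alice.pub * bob.pub) % P, b"session")
    return (stream_xor(bob.key, ct) == b"hello bob",
            stream_xor(eve_key, ct) == b"hello bob")


def active_mitm() -> tuple:
    """Mallory swaps her own public value into each direction of the exchange.
    Returns (mallory_reads_plaintext, bob_still_reads_plaintext): nobody notices."""
    alice, bob, mallory = Party("alice"), Party("bob"), Party("mallory")
    alice.derive(mallory.pub)  # Alice believes this value came from Bob
    bob.derive(mallory.pub)    # Bob believes this value came from Alice
    k_am = kdf(pow(alice.pub, mallory.priv, P), b"session")  # shared with Alice
    k_mb = kdf(pow(bob.pub, mallory.priv, P), b"session")    # shared with Bob
    ct = stream_xor(alice.key, b"hello bob")
    seen = stream_xor(k_am, ct)       # Mallory decrypts ...
    relayed = stream_xor(k_mb, seen)  # ... and re-encrypts towards Bob
    return seen == b"hello bob", stream_xor(bob.key, relayed) == b"hello bob"


def forged_reset_accepted(attacker_at_first_contact: bool) -> bool:
    """Bob accepts a 'reset' only if its MAC verifies under the key he holds for
    Alice. If Mallory supplied the first-contact key, she holds it too and the
    forgery verifies; if Alice's own key arrived, the forgery is rejected."""
    alice, bob, mallory = Party("alice"), Party("bob"), Party("mallory")
    if attacker_at_first_contact:
        bob.derive(mallory.pub)  # Mallory's value arrived in place of Alice's
    else:
        bob.derive(alice.pub)    # genuine value (or one verified out of band)
    mallory_key = kdf(pow(bob.pub, mallory.priv, P), b"session")
    reset = b"RST seq=1234"  # constructed stand-in for a TCP reset
    forged_tag = hmac.new(mallory_key, reset, "sha256").digest()
    expected = hmac.new(bob.key, reset, "sha256").digest()
    return hmac.compare_digest(expected, forged_tag)


if __name__ == "__main__":
    print("passive eavesdropper (bob, eve):", passive_eavesdropper())
    print("active MITM (mallory, bob):", active_mitm())
    print("forged RST accepted, attacker at first contact:", forged_reset_accepted(True))
    print("forged RST accepted, attacker absent at first contact:", forged_reset_accepted(False))
```

The two halves of the model answer the two questions in the message separately. For confidentiality, the worst case of an unverified key (Mallory in the middle) leaves Bob exactly where plaintext would have left him, which is why "opportunistic encryption" is a coherent notion. For authenticity, the same unverified key gives Bob a check that an attacker present at key establishment passes trivially; only a key Bob trusts independently of the channel (pinned from an earlier contact, pre-shared, or certified) turns the MAC check into a rejection of the forged reset. What remains without that is trust on first use, not authentication of the peer.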