Another entry in the internet security hall of shame....
James A. Donald
jamesd at echeque.com
Wed Aug 31 13:08:08 EDT 2005
From: --
From: Stephan Neuhaus
<neuhaus at st.cs.uni-sb.de>
> If I have understood the draft correctly, using PSKs
> means that the server and the client have a shared
> secret that they must communicate securely beforehand,
> and that they use some form of ZKP to assure the other
> party that they know that secret without revealing it.
>
> If that's indeed so, wouldn't this have key management
> and storage issues that PK was designed to prevent in
> the first place?
But does not, in fact, prevent.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
9DcDsP364D9PAHlb9SrTA4By8bWsJWYZxs8ZH9xB
4cQSP1xXUj2reoZ2icPXcJbFjGP6wBWfZQO13feDH
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list