Has there been a change in US banking regulations recently?
Nicolas Williams
Nicolas.Williams at oracle.com
Mon Aug 16 00:33:09 EDT 2010
On Fri, Aug 13, 2010 at 02:55:32PM -0500, eric.lengvenis at wellsfargo.com wrote:
> There are some possibilities, my co-workers and I have discussed. For
> purely internal systems TLS-PSK (RFC 4279) provides symmetric
> encryption through pre-shared keys which provides us with whitelisting
> as well as removing asymmetric crypto. [...]
For purely internal systems Kerberos is really the way to go, mostly
because it's so easy to deploy nowadays.
TLS-PSK is not a useful way of building any but the smallest networks,
and for two reasons: a) there's no agreed PBKDF and password salting
mechanisms, so passwords are out, b) there's no enrolment mechanism, so
PSK setup is completely ad-hoc.
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list