[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on draft-crocker-mast-proposal-00.txt
Erik,
EN>... I originally thought that
EN> something like PBK would be the result, but some careful anaylsis resulted in
EN> a simpler scheme which just uses 3-way handshake to effictive establish a
This is pretty interesting. I know enough about security issues to appreciate
their difficulty and to be able to compare different designs. I don't know
enough to be clever in designing one myself.
Still, I had originally thought that a basic 4-way notification/response sequence
-- each side notifies the other of the nonce it will use and the other side
confirms -- ought to provide enough security for this purpose.
In any event, what is clear is that there are a number of adequate choices
available. For the purposes of MAST's design approach, any of them is fine.
Whatever folks prefer -- as long as it does not require going to an outside
certificate authority, or the like -- is certainly acceptable to me.
d/
--
Dave Crocker <dcrocker-at-brandenburg-dot-com>
Brandenburg InternetWorking <www.brandenburg.com>
Sunnyvale, CA USA <tel:+1.408.246.8253>