Full Disclosure mailing list archives
Re: JaPCrypt
From: Valdis.Kletnieks () vt edu
Date: Wed, 06 Feb 2008 11:39:31 -0500
On Wed, 06 Feb 2008 17:23:49 +0100, Christoph Gruber said:
If you are able to use PGP/GPG/S/Mime you HAVE already an implemented PKI. Why should someone use PKI to initialize another?
There's this thing called "The Real World", where often you end up doing stuff like this because something is just plain busticated. For instance, https gives us: a PKI that allows us to use RSA or similar to verify the other end's identity and exchange a shared-secret to use as a symmetric session key. Unfortunately, there's cases where you don't *have* https available (as noted in the original posting). So what do you do? You roll-your-own using PGP or S/MIME to verify identities (if it isn't who it claims to be from, it won't decrypt) and exchange a shared secret, and then use JaPCrypt to do the symmetric encryption.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- JaPCrypt Gerardo Di Giacomo (Feb 06)
- Re: JaPCrypt coderman (Feb 06)
- Re: JaPCrypt T Biehn (Feb 06)
- Re: JaPCrypt T Biehn (Feb 06)
- Re: JaPCrypt T Biehn (Feb 06)
- <Possible follow-ups>
- Re: JaPCrypt Gerardo Di Giacomo (Feb 06)
- Re: JaPCrypt coderman (Feb 06)
- Re: JaPCrypt Valdis . Kletnieks (Feb 06)
- Re: JaPCrypt Epic (Feb 06)
- Re: JaPCrypt Christoph Gruber (Feb 06)
- Re: JaPCrypt Valdis . Kletnieks (Feb 06)
- Re: JaPCrypt coderman (Feb 06)
- Re: JaPCrypt coderman (Feb 06)