From: Dan Simon <dansimon@microsoft.com> Date: Thu, 25 Apr 1996 16:19:06 -0700 > PCT 2.0 does not permit this kind of authentication. Password-based > authentication is only permitted for either the client or the server > (*not* both), in conjunction with a public-key-based key exchange. Thank you for explaining this. Next time I will read the spec more thoroughly before commenting. Using passwords in this manner sounds like a useful capability for the TLS protocol to support. From: Bennet Yee <bsy@cs.ucsd.edu> Date: Wed, 24 Apr 1996 16:03:09 -0700 > The idea of providing > the pre-encryption mechanism (also applies to the on-the-fly > compression found in SSLv3) is to hide the complexity from the > client. Yes, client non-transparency is a big disadvantage of negotiating NULL protection for pre-encrypted data. That is justification enough for giving the PCT pre-encryption proposal some serious scrutiny.Received on Friday, 26 April 1996 08:49:51 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:48 EDT