At 10:17 AM +0100 2/22/11, Henry Story wrote: >... > > >> I don't think that most users, who often can't even tell if they >>have contacted a TLS-secured site, would think of a public key as >>part of the identity for the service. I also don't think that most >>of them think about the port either. > >I was not speaking to most users but to this group of security >specialists during a discussion on a protocol. The public key is a >definite description that uniquely identifies the agent for the >purpose of computers, not for the general public. The context you envisioned was not clear from your statement. a public key can be a UID for an object, but I'd hesitate to call it descriptive. >... > >I am aware of symmetric cryptography's role. But it is public key >cryptography that is core in authenticating the server, and setting >up the symmetric crypto channel. Symmetric cryptography is used >because it is less cpu intensive. I think it best to be precise when discussing what one would like to see become a standard. SteveReceived on Wednesday, 23 February 2011 02:14:38 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:42 UTC