Masataka Ohta wrote:
Nikos Mavrogiannopoulos wrote:
Not really. I Don't know what you mean by simple nonce, but as I
understand dnscurve if implemented properly would have ssh-style
authentication.
Ssh without secure public key distribution mechanism is not really
secure cryptographically.
In general, public key cryptography is scure only if public key
distribution is secure.
Well as far as I know ssh works pretty well today and this model can be
easy made verifiable (i.e. secure as you say) by the administrator
verifying the keys of upstream.
Being "secure" heavily depends on what your requirements are and from
whom you are protecting from. Is a typical bank in europe secure? Can a
general go with an armory division and take the money? Of course he can,
but banks don't consider this a threat.
regards,
Nikos
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf