ietf-asrg

RE: [Asrg] PKI and Filters

2003-03-08 20:33:37

I just wrote:

]                        Perhaps you assumed no one around here
] knows about DH or other means to get session confidentiality.

To forestall quibbles, yes, a simple DH exchange with random 
keys won't exclude men in the middle.  

As I have said repeatedly, the IETF has locked up too many times
insisting on security that is perfect and ended up with something
unusable.

If you read my previous messages to the list you will find that I
state that DH would have been sufficient for purposes of mail. This
is clearly the case if the alternative is to send en-clair.

In this particular case it would be sufficient to use self-signed
certificates whose only authentication came from the fact that they
were obtained by means of XKMS Locate from the XKMS server in the
relevant DNS zone.

Don't assume you know my business strategy, you do not. I believe that
the more people who use crypto of any type - yes including self-signed
certs and PGP keys, the greater the demand there will be for trusted
third parties who add value through appropriate authentication 
mechanisms.

                Phill 