ietf-smime
[Top] [All Lists]

Re: DH keypair generation

1997-11-12 05:31:07
Blake:

Usually, two certificates are used, one for key management and one for
signature.  

Diffie-Hellman is a key management algorithm.  DSS is a signature
algorithm.  While the same private/public might be used for both, this not
not usually done.

Russ

At 12:59 PM 11/7/97 -0800, Blake Ramsdell wrote:
On Thursday, November 06, 1997 11:49 AM, jsp(_at_)jgvandyke(_dot_)com
[SMTP:jsp(_at_)jgvandyke(_dot_)com] wrote:
4) Sec 4.1, 1rst para, 1rst sent: Please delete "RSA" from: "An S/MIME
agent
or some related administrative utility or function MUST be capable of
generating RSA key pairs on behalf of the user."

My concern is along the lines of how keypairs work in the DH new world
order.  Is there always a separate pair for signing and encrypting?

I'd like to get that clarified also, because I think that it belongs in
this section also.

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103  Fax +1 425 882 8060


<Prev in Thread] Current Thread [Next in Thread>
  • Re: DH keypair generation, Russ Housley <=