Yes, but then you do not get any authentication. Using a static key in a
certificate provides authentication.
Russ
At 01:13 PM 4/1/98 +0000, Dr Stephen Henson wrote:
Russ Housley wrote:
This part of the specification is still being written.
Russ
OK. There are some advantages in using a one time session key over both
sides using their permanent keypairs. For example they don't have to
share the same parameters and there is no "implied signature".
Steve.
--
************************************************
* Dr Stephen N. Henson. *
* Freelance Cryptographic Consultant. *
* Email: shenson(_at_)bigfoot(_dot_)com *
************************************************