[dcc2] Multi headers + metadata
Phoenix Fyrestar
miyako_houou at comcast.net
Thu Apr 29 17:30:12 EDT 2004
What about doing this through some sort of automated public key encryption?
Each client generates a random public/private key pair, then they exchange public
keys.
Then either all data, or a symmetric key, is transferred using the public
key encryption method.
On 4/29/04 1:35 AM, "Ben Damm" <bdamm-dcc2 at dammfine.com> wrote:
> On Thu, Apr 29, 2004 at 01:11:00AM -0500, Phoenix Fyrestar wrote:
>> As far as running everything through SSL, I have no problem with this, I was
>> just under the (apparently mistaken) impression that for some reason or
>> another people were thinking this might not be a good idea, so I was trying
> to propose alternate solutions.
>
> My understanding of SSL is that it both encrypts and authenticates (if
> you trust the certificate authority). Some people think this is great,
> but to me it sounds like overhead. As a light-weight encryption
> system, SSL is not so hot because of the certificates. People are not
> going to go purchasing certificates from VeriSign just to use DCC, and a
> self-signed certificate is just as bad as no authentication at all (i.e.
> no protection against man-in-the-middle attacks).
>
> So, the idea with symmetric keys is that you generate a secret and
> exchange it via an asymmetric algorithm, then switch to the symmetric
> algorithm to do the transfer. You do this switching because asymmetric
> encryption is much more resource intensive than symmetric communication.
>
> -Ben
>
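The hybrid scheme discussed in this thread, as an added example that is not part of the original messages: an unauthenticated key exchange followed by symmetric encryption, with a fingerprint comparison over a separate channel that catches a substituted public key. It uses Diffie-Hellman key agreement in place of public-key key transport, and the modulus, the `xor_stream` toy cipher and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed demo parameters: 2**255 - 19 is prime, but this is NOT a vetted
# Diffie-Hellman group. Real code would use X25519 or an RFC 3526 group.
P = 2**255 - 19
G = 2


def keypair():
    """Random private exponent and the matching public value."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def fingerprint(pub):
    """Short digest of a public value, for comparison over another channel."""
    return hashlib.sha256(pub.to_bytes(32, "big")).hexdigest()[:16]


def session_key(priv, peer_pub):
    """Symmetric key derived from the shared Diffie-Hellman secret."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(b"dcc-demo" + shared.to_bytes(32, "big")).digest()


def xor_stream(key, data):
    """Toy SHA-256 counter keystream; stands in for a real cipher such as AES-GCM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def transfer(substitute_key=False):
    """Run one exchange; optionally swap the public key the receiver sees."""
    s_priv, s_pub = keypair()          # sender
    r_priv, r_pub = keypair()          # receiver
    seen_by_receiver = s_pub
    if substitute_key:                 # a relay replaces the sender's public key
        _, seen_by_receiver = keypair()
    ct = xor_stream(session_key(s_priv, r_pub), b"constructed file chunk")
    pt = xor_stream(session_key(r_priv, seen_by_receiver), ct)
    keys_verified = hmac.compare_digest(fingerprint(s_pub), fingerprint(seen_by_receiver))
    return pt, keys_verified
```

When the public key is swapped in transit the exchange itself raises no error; only the fingerprint comparison reports the mismatch, and the receiver's decryption yields garbage.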