[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: worldwide announce: New OTP Mail/FTP apps



> One initial connection is all that is needed to have a secure
> connection for the lifetime of the two communicating parties. This
> initial connection can be accomplished via any number of ways. It
> does involve an initial one time only shared secret. This is much
> different than the many shared secrets and key management issues of
> private and public key systems.  For the initial connection you can
> stick the machines back to back if you are really worried about
> security. This initial transaction serves as a seed for subsequent
> transactions. All subsequent transactions depend on preceding
> transactions. A degree of randomness comes from the randomness of
> the messages. Each next word in the message is random.

I'm a little new to this, but I thought the whole idea behind keys was
not having to whisper "secrets" to someone on the other side of a
crowded mall. Most people don't have the luxary of connecting their
computers back to back with someone on the other side of the world
just to ensure a secure communications path. Ther would have to be
some mechnisms to ensure that secure delivery of your "secret", and
that brings us back to key management, so the whole thing is rather
self defeating.

Christopher