[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Secure comm program, Sockets + LINK



  My concerns about two way authentication become clear when you
concider the LINK+sockets program a substitute for rsh, rexec, login
or similar programs.  You don't want to be spoofed, and you don't want
others using your account.

  When you are using LINK in the way it was originaly designed, you
more or less *have* authentication in both directions.  From you to it
since discovering a private key given a public key is concidered
hard.  From it to you since *presumably* the only user able to read
the key file on the shared machine is you.

  The bootstrap problem (how you get the public key to the machine
with only unsecure chanels at your disposal) is interesting though.  I
wonder if it can be solved without DH key exchange?

j'