[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NetScape's dependence upon RSA down for the count!

To: [email protected], [email protected]
Subject: Re: NetScape's dependence upon RSA down for the count!
From: [email protected] (John L. Bass)
Date: Sat, 30 Sep 95 16:39:57 -0600
Sender: [email protected]

>   [email protected] writes:
>    > client ->       filter                          Client sends packet with K(c)
>                 filter ->       Server          filter forwards packet with K(f)                filter       <- Server          Server sends encrypts with K(f)
>    > client       <- filter                          filter re-encrypts with K(c)
>    >
>    > As the protocol progresses the filter also uses the master key,
>    > and follows the renegotiation as the master key expires.
> 
> Yeah, but in order for this to work, the fake server needs to know
> netscape.com's private (secret) key, no?
> 
> -jon

No ... the public part of any server private key is held by the filter
and not returned to the client. The client only encrypts with public
keys provided by the filter. The Server only encrypts with public keys
provided by the filter. The filter has cleartext of the entire session.

John

Follow-Ups:
- Re: NetScape's dependence upon RSA down for the count!
  - From: Eric Murray <[email protected]>

Prev by Date: Auto-signing
Next by Date: Re: NetScape's dependence upon RSA down for the count!
Prev by thread: Re: NetScape's dependence upon RSA down for the count!
Next by thread: Re: NetScape's dependence upon RSA down for the count!
Index(es):
- Date
- Thread