[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

PKINIT utilizes ephemeral-ephemeral Diffie-Hellman keys in
    combination with RSA keys as the primary, required mechanism.

How is the AS-reply encrypted if DH is not used as per spec?


Daniel Kouril wrote:

> On Thu, May 23, 2002 at 05:43:31PM -0700, Christopher James wrote:
> > I noticed that Diffie-Hellman is not supported in the pre-beta
> > (May 15, 2002) version of PKINIT.  What are your plans for
> > supporting Diffie-Hellman in future releases?  Thanks.
> We're not planning to implement support of DH at the moment. I'd prefer to
> make the current version stable without adding of new features.
> --
> Dan