AW: [Security] XTLS

Matthias Wimmer m at tthias.eu
Sat Mar 17 04:58:16 CDT 2007


Alexander Gnauck schrieb:
> I agree with Justin, it shold be be that hard to implement if your TLS
> library gives you access to the stream.
> But what about the certificates?

You can do TLS with and without certificates. If you are doing it with
them you can use certificates issued by a CA or with self-signed ones,
you can even use PGP keys as certificates in TLS
(draft-ietf-tls-openpgp-keys-11.txt). If you are using TLS without
certificates you can do anonymous key exchange, use preshared keys for
authentication or use the Secure Remote Password protocol for
authentication.

So I don't think that certificates are a problem ...


Matthias

-- 
Matthias Wimmer      Fon +49-700 77 00 77 70
Züricher Str. 243    Fax +49-89 95 89 91 56
81476 München        http://ma.tthias.eu/



More information about the Security mailing list