[Security] TLS-SRP Questions
jonathanD at k2.com
Thu Aug 21 15:25:51 CDT 2008
> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Dirk Meyer
> Sent: Thursday, August 21, 2008 9:20 PM
> To: XMPP Security
> Subject: Re: [Security] TLS-SRP Questions
> Jonathan Dickinson wrote:
> > And my hard-laboured formatting got messed up.
> > Initiator opens connection
> > Target gets connection and presents certificate
> > Initiator verifies certificate with IC -> Fail if invalid
> > Initiator presents certificate
> > Target verifies certificate -> Fail if invalid
> > Success
> > The point is, from what I can tell, TLS supports all of that.
> Yes, but the question is how to verify a certificate from someone you
> do not know which is not signed by a CA. Or I'm I missing something in
> your argumentation?
We can have xmpp.net as the IC.
> A bad random number generator: 1, 1, 1, 1, 1, 4.33e+67, 1, 1, 1...
More information about the Security