[Security] TLS-SRP Questions

Jonathan Dickinson jonathanD at k2.com
Thu Aug 21 15:38:59 CDT 2008


> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Kurt Zeilenga
> Sent: Thursday, August 21, 2008 10:32 PM
> To: XMPP Security
> Subject: Re: [Security] TLS-SRP Questions
>
>
> On Aug 21, 2008, at 12:19 PM, Dirk Meyer wrote:
>
> > ...
>
> Why would there be any need to otherwise "verify" A's certificate?

So B knows who they are talking to ;). I'm confused. It's too late here.

>
> -- Kurt
>
>
>
> >
> >
> > Dirk
> >
> >
> > --
> > A bad random number generator: 1, 1, 1, 1, 1, 4.33e+67, 1, 1, 1...



More information about the Security mailing list