[Standards-JIG] Re: The Great Encryption Debate

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Mon Aug 8 17:02:53 UTC 2005


On Monday 08 August 2005 09:32 am, Jesus Cea wrote:
> Justin Karneges wrote:
> > Both SSH and TLS use Diffie-Hellman without risk, because they use public
> > key signatures to protect the Diffie-Hellman values.  JEP-0116 is no
> > different.
>
> SSH has no signatures. It simply verify that the host you are connecting
> is the very same that last time. So, if you first connection is
> "secure", you can be sure that everything is right.

You're right, SSH doesn't have signed RSA/DSA keys.  But that's a different 
topic.

I'm talking about the protocol itself.  During the handshake, the temporary 
Diffie-Hellman values are signed by the SSH server's persistent public key 
(RSA or DSA).  If the server didn't do this then there'd be no point in 
having a public key in the first place. :)

-Justin



More information about the Standards mailing list