On Sep 20, 12:29am, Christian Wettergren wrote:
Subject: Re: netscape's response One wild idea that I just got was to have servers and clients exchange random numbers (not seeds of course), in a kind of chaining way. Since most viewers connect to a number of servers, and all servers are connected to by many clients, they would mix "randomness sources" with each other, making it impossible to observe the local environment only. And the random values would of course be encrypted under the session key, making it impossible to "watch the wire".
Wow, this is a great idea!! SSL already sends various encrypted random values back and forth between client and server, so this may not be too hard to implement without changing the protocol. I'll keep it in the back of my mind for when I have some time... --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.