CERT advisory
Eric Hughes
hughes at ah.com
Fri Feb 4 16:59:57 PST 1994
>The big issue, in my mind, is how the ftpd is going to get the key
>to unlock the *system's* private key... Do you compile it into the
>code? Should ftpd ask for it when it comes up?
Since active interception is not nearly so easy as passive listening,
it would be appropriate to use a Diffie-Hellman key exchange in this
situation. This protocol has no persistent private keys, so the issue
of keeping a private key around securely is not an issue.
Eric
More information about the cypherpunks-legacy
mailing list