[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certificate requests for encryption keys

To: Ben Laurie <ben@xxxxxxxxxxxxx>
Subject: Re: Certificate requests for encryption keys
From: Keith Brady <keith@xxxxxxxxxxxx>
Date: Tue, 08 Jun 1999 20:15:29 +0100
Cc: ietf-pkix@xxxxxxx
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

> ??? If I HMAC then DH the result, isn't that a signature?

Um, not at all sure I understand you here. Don't we need a pre-agreed key
for the HMAC? I trust you mean hash. Not all encryption algorithms are
designed such that this is the ideal way to use them.

In any case I believe we are talking about El-Gamal rather than Key
Exchange D-H. In the general case, it is (I think) possible to construct
encryption algorithms where the hybrid approach (encrypted hash) doesn't
work. I did read something on this a good while ago but I can't remember
where.

cheers,

Keith

Prev by Date: Re: Certificate requests for encryption keys
Next by Date: RE: Possible clarification to RFC 2459
Previous by thread: Re: Certificate requests for encryption keys
Next by thread: Re: Certificate requests for encryption keys
Index(es):
- Date
- Thread