Guus Sliepen <[EMAIL PROTECTED]> writes:

> Compared with the entire TLS protocol it is much simpler, compared with
> just the handshake protocol it is about as simple and probably just as
> efficient, but as I said earlier, I want to get rid of the client/server
> distinction.

You can't get rid of the distinction. You will always have a "client" and a "server" -- however you may just rename it "Initiator" and "Responder" to make it sound more peer-like, but it's just the same emperor in different clothes.

The only real distinction between a _pure_ client-server protocol and a peer-to-peer protocol is that the latter is generally reversible where the former is not. By "reversible" I mean that either party could be the initiator and either could be the responder.

HOWEVER, during the run of a protocol it behooves you to label the parties, and "client/server" is just as valid a naming as "initiator/responder". IPsec (IKE) is clearly peer/peer. Even with TLS the protocol is reversible if you perform the name mappings and assume both ends have certificates.

So, I urge you to be careful with trying to get rid of a distinction that really has little meaning in most protocols.

-derek

--
Derek Atkins 617-623-3745
[EMAIL PROTECTED] www.ihtfp.com
Computer and Internet Security Consultant