> From: [email protected] [mailto:mono-devel-list- > [email protected]] On Behalf Of Edward Ned Harvey (mono) > > > From: Sebastien Pouliot [mailto:[email protected]] > > > > Please re-read the TLS RFC (any of them) and tell me where you need to > > _generate_ an RSA keypair to establish an SSL/TLS connection ?!?
Just in case anyone is wondering, Sebastien is right. "Re-read the spec" is the answer. ;-) In SSL/TLS, the server and client do not *both* need a keypair. During handshake, the server & client each send each other some random bytes. And then the client generates some more random bytes (the pre-master secret), and sends to the server encrypted by the server's public key. From all the random bytes and pre-master secret, the server & client are both able to generate the master secret and session keys. Thanks, Sebastien. ;-) _______________________________________________ Mono-devel-list mailing list [email protected] http://lists.ximian.com/mailman/listinfo/mono-devel-list
