Also Excellent! Would this be more along the lines of adding it at the
application layer (telnet)?
Rather than tying this to a particular app protocol I would love to see it
at the TLS layer so that it generates the pre-master secret directly.
When I was thinking about this a while ago I considered doing the SRP
seperate from TLS and then using it to do crypto seperately in a bulk way
and not relying on TLS. Is there any strong feeling one way or the
other? I personally like the work Mr. Taylor has done as a starting point.
Later,
dj
On Sun, 11 Mar 2001, Tom Wu wrote:
:Jeffrey Altman wrote:
:>
:> >
:> > hi,
:> >
:> > I recently found an IETF draft written by David Taylor that proposes the
:> > addition of a new ciphersuite.
:> >
:> > >A URL for this Internet-Draft is:
:> > >http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-00.txt
:> >
:> >
:> > Has this thought come across the OpenSSL To Do list? Is there any comment
:> > on this draft?
:> >
:>
:> Its on my to do list.
:
:I will be doing integration work with START_TLS+SRP telnet/telnetd and
:doing interoperability testing.
:
:> Jeffrey Altman * Sr.Software Designer C-Kermit 7.1 Alpha available
:> The Kermit Project @ Columbia University includes Secure Telnet and FTP
:> http://www.kermit-project.org/ using Kerberos, SRP, and
:> [EMAIL PROTECTED] OpenSSL. SSH soon to follow.
:> ______________________________________________________________________
:> OpenSSL Project http://www.openssl.org
:> Development Mailing List [EMAIL PROTECTED]
:> Automated List Manager [EMAIL PROTECTED]
:
:
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
