PROTECTED]]
>Sent: Wednesday, March 07, 2001 9:03 PM
>To: [EMAIL PROTECTED]
>Subject: Re: Question on client authentication and signing
>
>
>
>Greg;
>
> Thanks. Therefore if I read this right, all the actually data
>passed across the session (i.e. all the real data
.
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_
- Original Message -
From: "Sandipan Gangopadhyay" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 07, 2001 10:38 AM
Subject:
ECTED]
_
- Original Message -
From: "Jeffrey Burgoyne" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 07, 2001 10:32 AM
Subject: Re: Question on client authentication and signing
>
> Greg;
>
> Thanks. Therefore if I read this right, all the actuall
dipan
- Original Message -
From: "Greg Stark" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, March 07, 2001 8:39 PM
Subject: Re: Question on client authentication and signing
> Jeffrey,
>
> The short answer is nei
Greg;
Thanks. Therefore if I read this right, all the actually data
passed across the session (i.e. all the real data passed after the
handshae has been completed) is encoded with the symmetrically generated
key only and hence could not be used to non-repudiation?
Jeff
On Wed, 7 Mar 2
Jeffrey,
The short answer is neither. The client's only use of its private key is
to sign a hash of the handshake messages, one of which includes the server
random value.
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_