Jonathan Schleifer wrote: > "Eric Rescorla" <[EMAIL PROTECTED]> wrote: > >> Why is it desirable to use an SAS here? A short, secret key printed >> on the top of the STB seems much more convenient. > > Uhm, isn't SAS more or less like a short secret key? If you verify an > SAS or a short fingerprint (but fingerprints are never short!), where > is the difference?
The difference is that ESessions require the same secret on both sides. How can to set-top boxes with different keys printed on them talk to each other? They need help from something else. I do NOT want to role out SAS. If we use TLS with self-signed keys we still need a way to verify that key. With SAS you can create a secure connection between two clients. 1. Set-top box 1 connects to my PC. They exchange TLS keys that are not verified. Now I type in the secret printed on the box on my PC. They open another secure link on top of the TLS link using SAS. Now they exchange the TLS keys over that link and know that the TLS keys are correct. My PC signs the key of the set-top box and they disconnect. 2. Set-top box 2 connects to my PC and they do the same 3. Set-top box 1 connects to set-top box 2. Both see that the TLS key is signed by my PC which they trust. No SAS needed. Dirk -- Whoever coined the phrase "Quiet as a mouse" has never stepped on one.
