On Wed Aug 20 17:38:58 2008, Jonathan Schleifer wrote:
> "Eric Rescorla" <[EMAIL PROTECTED]> wrote:
>
> > I must be missing something here:
> > 1. Key generation in DSA-based systems is just as fast as ephemeral
> >     DH key generation, as long as you use a pregenerated group.
> > 2. Key generation in RSA-based systems is slower, but still a matter
> >     of a second or two on any reasonably modern system.
>
> Oh, generating an OTR key takes a few seconds here, on my 450 MHz
> NetBSD box it even took about an hour, because /dev/random is used
> there. So waiting an hour on some systems is ok for the user? I really
> don't think so.


Well, I strongly suspect that's extreme. A few seconds pause at runtime would be a little annoying, but given you'd presumably do this during either the installation or setup phase, I'm not entirely clear what your point is anyway.

It's certainly true that on old hardware, or mobile handsets, generating an RSA key will take a while, albeit typically not an hour. But we can also arrange for standard methods for transferring the private key to other devices, and for actual devices (in the sense that Dirk Meyer wants to deal with) the key can be pregenerated by the hardware manufacturer, like is done with the iPhone.


> > If you're going to use public key cryptography, you need to generate
> > public keys.
>
> That's why I'm AGAINST using public keys, we could use secrets, like it
> can be done with ESessions.

Or TLS, of course.

But humour me for a moment:

What makes ESessions such a win against TLS?

Why would my customers be happier with ESessions over TLS?

What analysis can I show them?

What IPR issues affect ESessions that I need to warn them about?

Dave.
--
Dave Cridland - mailto:[EMAIL PROTECTED] - xmpp:[EMAIL PROTECTED]
 - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
 - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
