-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Somebody claiming to be Simon Josefsson wrote: > While I like PGP/X509 to be used, I think it is important to also > support secure communication to happen based on a shared secret. While > the security industry likes to believe public key solutions will solve > everything, what normal people understand will continue to be > "passwords". And it should be possible to build a secure communication > system bootstrapped from a password. One approach is for > implementations to generate the X509/PGP certs on the fly, and > authenticate them using the shared secret.
I can't speak to SSL/TLS, but the OpenPGP standard has support for symmetric encryption (ie "shared secret" encryption). - -- Stephen Paul Weber, @singpolyma Please see <http://singpolyma.net> for how I prefer to be contacted. edition right joseph -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQIcBAEBCAAGBQJKJhwqAAoJENEcKRHOUZzeeIIP/jhHfZJfKlmPG72Y0K78vpNU 3f+KLfDKJ2gaL8b4CxyoLzJPS2OaMPKCV+t9Sg/z+ki07C4pgkpkCeRYmOuRiSXO ETsLriOi2SZhI+LCjZLboOTBiZnP7Z9L8K5sTeFcsyijVLTtHMYT5RLb1/yJHws0 vkAcg3CzsG1UM2IZtcLDwDEbscGhi4joMmXIrq/TCgAn3N+ITh1zv4rOq4MBx3oz 17BeTtT8GvE4BYolcDPaHS+eZIjTGn35Df/uIlUaZOmiMRJvSqSKGUBFsw6OT1Yi Pw2XdIZzSuf66U/uPa39uXnTFcKLHMfOJqRE1IsQHhSS+Nng3mLBkueETj/gV5b6 UJpmWrlnGwgnA+4mN9jfQ3T5CVn7Tu3MgpJfoPXLPSXq5R8ryh6v2AfagYUsT0sJ 0h8/njdP3SnOZxdaOowzJJfrTBloPZXJEriSH/McK0qlrMoKBqC09fQ5OlY01RIt 4DsdksQNAlsBRhV0J2NJu4VZKe6fSnBFPK6EApcxLg6+1+pfV+GpKRoHNYVXQwud t9ZiBasD4sD71DJUlHavxQvMYwN0EuJgOtPoN8BiOEDe9srTtZ6b8KlloU4kSDKB YOPm9X45Rh689B0J6FzPNQDOJ4xagWMViHo7nSf3VU0Joj3evcrBiakhj6tov8n9 Wquvyl31RUjXUsP5zEvR =3FJ0 -----END PGP SIGNATURE-----
