On Wed, Oct 16, 2013 at 11:59 PM, Pieter Hintjens <[email protected]> wrote:
> Tony, > > I realized what you are explaining. It's impossible to decode the > certificate without the sender's public key anyhow, so it has to be > sent in clear. > Nice, glad we're clear now ;) > So this brings us to a public key format which is Box > [metadata](C'->S), where C and the nonce used are clear-text headers. > And then the fingerprint is entirely redundant since it's easy to > verify C in the header. Yep! Laurent, you might want to read over what Pieter just said. You can't complete a D-H key exchange without sending one the public keys in the clear. -- Tony Arcieri
_______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
