On Sun, Nov 19, 2000 at 01:16:10PM +1100, Brian May wrote: > I am afraid you have lost me here. Are you asking how you can securely > transfer the public keys of your clients (not an easy task),
OK, now you's lost me... I thought the big advantage of public keys was exactly that - they're public. You don't have to worry about transferring them securely, so long as the corresponding private key remains safe. To map this onto the specific case at hand, ssh, if you were to obtain my public ssh key, the worst thing that could result from this interception is that you could add it to your list of authorized_keys and allow me to freely use your account - which is a detriment to the person intercepting the key, not the person owning it. (I'm ignoring the possibility that you might try to factor the public key, as doing so is generally considered to be a practical impossibility for the foreseeable future.) Or have I grossly misunderstood something? -- "Two words: Windows survives." - Craig Mundie, Microsoft senior strategist "So does syphillis. Good thing we have penicillin." - Matthew Alton Geek Code 3.1: GCS d- s+: a- C++ UL++$ P+>+++ L+++>++++ E- W--(++) N+ o+ !K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r++ y+
