I think it could be useful to support the SRP (Secure Remote Password) method of key exchange. This protocol seems very solid, allowing two parties to authenticate themselves and arrive at a common session key essentially without using any encryption at all. It only relies on modular exponentiation and SHA (any hash function will do), and should be trivial to implement given these two capabilities. Add 3DES for a session cipher, and you have a system for secure communications totally unhampered by patents and such. <URL:http://srp.stanford.edu/srp/> - Harald ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
