Jason Haar <[EMAIL PROTECTED]> writes: > The principle in PKI is that you generate a private and public key using > RSA or DH (?).
Diffie-Hellmann is a key agreement protocol. You can agree on a secret with another person and no passive listener can get that secret. DH can not stop an active attack (aka man-in-the-middle). Then you have to use authentication in combination with DH. DSS is quite common, but you can also use RSA signatures. -- Jostein Tveit ([EMAIL PROTECTED]) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
