Ken Goldman wrote:
> All correct for authentication. There are times that public keys or
> certificates are encrypted using a DH protocol for privacy. You might
> not want a man in the middle to track where you go, and a certificate
> is your identity.
>
That's somewhat of an oversimplification I believe. Diffie-Hellman is a key-exchange protocol, not an encryption protocol. If we're helping this chap understand certs a little better let's not confuse him inordinately! ;-)

--
Cheers!
J. Wren Hunt
Cambridge, MA. USA
------------
"I have never killed anyone, but I have read some obituaries with some satisfaction." - Clarence Darrow.
+------------------------------------------------------------------+
| v-card http://wrenhunt.homelinux.org/data/wren.vcf               |
| x.509 http://wrenhunt.homelinux.org/data/thawte_wren_hunt.cer    |
| OpenPGP ADF5 1432 A59E 8F4D 4AE7 4DFE 03FA 91E1 4A24 D6F4        |
+------------------------------------------------------------------+