RE: Diffie-Hellman key exchange : Preventing MITM attack

2009-08-29 Thread David Schwartz
> No. Without a previously arranged shared secret and no trusted introducer,
> authentication is *impossible*. Authentication is an act of recognizing
> a party that possesses something you can verify. You CAN NOT generate
> authentication secrets on the fly.
> Viktor.

Or, to put it in simp

Re: Can I set the client hello challenge externally?

2009-08-29 Thread Victor Duchovni
On Sat, Aug 29, 2009 at 12:09:18AM -0700, Rene Hollan wrote:
>
> Right, that's what I figured. Trouble is, if I chose TO proxy, then I
> must have my peer to the remote server act as if it sent the same client
> hello so as to have the same challenge bytes. AFAIK, there is no openssl
> mechanism

RE: Can I set the client hello challenge externally?

2009-08-29 Thread Rene Hollan
Right, that's what I figured. Trouble is, if I chose TO proxy, then I must have my peer to the remote server act as if it sent the same client hello so as to have the same challenge bytes. AFAIK, there is no openssl mechanism to set this prior to sending a client hello. -Original Message--