Full Disclosure mailing list archives

Re: JaPCrypt

From: coderman <coderman () gmail com>
Date: Wed, 6 Feb 2008 03:59:30 -0800

On Feb 6, 2008 3:21 AM, Gerardo Di Giacomo <gerardo () linux it> wrote:

 ...
The PSK is never sent, neither by the client neither by the server.


apologies, i will be more clear:

since psk without key distribution nor secure secret exchange does not
solve the problems that HTTPS solves, to say this is useful in
situations where HTTPS is not available is disingenuous.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

JaPCrypt Gerardo Di Giacomo (Feb 06)
- Re: JaPCrypt coderman (Feb 06)
  - Re: JaPCrypt T Biehn (Feb 06)
    - Re: JaPCrypt T Biehn (Feb 06)
- <Possible follow-ups>
- Re: JaPCrypt Gerardo Di Giacomo (Feb 06)
  - Re: JaPCrypt coderman (Feb 06)
    - Re: JaPCrypt Valdis . Kletnieks (Feb 06)
    - Re: JaPCrypt Epic (Feb 06)
    - Re: JaPCrypt Christoph Gruber (Feb 06)
    - Re: JaPCrypt Valdis . Kletnieks (Feb 06)
- Re: JaPCrypt Gerardo Di Giacomo (Feb 06)