[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0

From: Robert Collins
Subject: Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0
Date: Thu, 01 Jan 2004 01:56:46 +1100

On Thu, 2004-01-01 at 01:52, Aaron Bentley wrote:
> On Wed, 2003-12-31 at 08:54, Andrew Suffield wrote:
> > People have tried to abuse the encryption form for one-to-many
> > purposes before now (either via a shared secret, which defeats the
> > point, or via encrypting multiple times, which is an infeasible use of
> > resources). 
> The classic description of public/private key architecture has the
> public key being used to encrypt a session key.  Couldn't the same
> session key be encrypted with multiple public keys?  Or is that the
> "infeasible use of resources"?

Actually, thats precisely the mechanism used by gpg to encrypt to many
recipients. Note that any recipient can then compromise the
confidentiality - the shared secret IS the session key.

GPG key available at: <>.

Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]