|
![](/i/fill.gif) |
>> In this instance, we're only trying to establish a secure channel.
>
> Then you don't need a certificate at all, so there's no need for both
> sides to have a private key.
Oh, quite.
What's all the more baffling is that last time we set this up, they did
it the correct way. Why this time around they're doing it backwards, I
have no idea.
>> AES exists for a reason. Triple DES is subject to meet-in-the-middle
>
> Triple-DES is useful only to those who have DES hardware ubiquitous in
> their infrastructure.
...or when your provider wants to charge you extra for the tiny piece of
software required to enable AES. ;-)
Post a reply to this message
|
![](/i/fill.gif) |