1 Oct
2003
1 Oct
'03
02:28
On Tuesday 30 September 2003 7:47 am, Tom Allison wrote:
But for encription is a public server really necessary? I thought I could just ship the recipient the public key.
Public-private key crypto. If you send your public key to your recipient, then someone could intercept it and replace it with their public key. What happens then? He can start sending your recipient messages pretending to be you. Why do you need a public key server? It allows distribution of public keys without that particular problem (given that you trust the key server). Obviously a signed public key would be better and physically handing your recipient the key would be even better. HTH Jon -- SuSE Linux 8.2 (i586) Linux 2.4.20-4GB-athlon