Masataka Ohta wrote: > Nikos Mavrogiannopoulos wrote: > >> Not really. I Don't know what you mean by simple nonce, but as I >> understand dnscurve if implemented properly would have ssh-style >> authentication. > > Ssh without secure public key distribution mechanism is not really > secure cryptographically. > > In general, public key cryptography is scure only if public key > distribution is secure. Well as far as I know ssh works pretty well today and this model can be easy made verifiable (i.e. secure as you say) by the administrator verifying the keys of upstream. Being "secure" heavily depends on what your requirements are and from whom you are protecting from. Is a typical bank in europe secure? Can a general go with an armory division and take the money? Of course he can, but banks don't consider this a threat. regards, Nikos _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf