Stephen Kent wrote: > > It's very difficult to write text that accurately conveys the intent, > and yet is technically precise. Full ACK. :-) > > For example, you wrote: > > "Without key management at an Internet scale, authentication is often > not possible." > > *ephemeral DH exchange is a type of key management, and it works at > Internet scale.**So, what I think you meant to say, when paraphrasing > Viktor (who made the same mistake in the I-D) ** > **is something like* > > "Authenticated key management at an Internet scale has yet to be achieved." I think it is in general a _bad_ idea to describe an ephemeral DH exchange as some form of key management -- because it is *NOT* key management. To me, the use of the word "management" implies _control_ over keys. An _unauthenticated_ DH key exchange protocol is where both peers give a f*** about control of keys, is a mathematical scheme where both peers end up computing the same key. But due to the _lack_ of control (aka lack of management), neither party knows which other party has that same DH key, whether it is the peer they believe to be talking to, or whether it is a man-in-the-middle who makes them believe that they talking to each other directly. If the DH exchange is _authenticated_, then this is where "control" comes into play, aka "management" of who is party to the keys and party to the communication. -Martin