[p2p-hackers] P2P Authentication
Antoine Pitrou
solipsis at pitrou.net
Wed Oct 26 20:01:23 UTC 2005
> Both A and B make their public keys available upon request. Before
> interacting with B, A will have to obtain B's public key directly, and
> vice versa. This only needs to happen once.
>
> Traditional public key signing doesn't work well if you want to
> eliminate the central authority / trusted third party.
Of course it does, since "both A and B make their public keys available
upon request". You don't need a central source of authority if there is
first a trusted channel by which the peers exchange their respective
public keys.
More information about the P2p-hackers
mailing list