24 Aug
2009
24 Aug
'09
5:49 a.m.
Thank you all for your responses. You guys are awesome!
This is what I've been worried about with the encryption. I wanted to make sure the encryption was "secure", so to speak.
-Josh
On Mon, 2009-08-24 at 08:30 -0400, Emmanuel Dreyfus wrote:
Howard Chu hyc@symas.com wrote:
But certificates are not a required element for encryption of a connection - after all, TLS also supports anonymous Diffie-Hellman key exchange.
Sure, but encryption without authentication makes little sense, as you don't know who you are securely speaking to: you can get an encrypted link to a man in the middle.