[zeromq-dev] Proposal for ZeroMQ certificate format

Pieter Hintjens pieterh at gmail.com
Wed Oct 16 20:31:25 CEST 2013


I tried to explain the use cases in my article. The goal is to send my
public key to you without leaking the fact. It is asymmetric.  Your public
key is well known but mine is not. It is a CurveZMQ usecase. Anonymous
clients and public servers.

Pieter
On Oct 16, 2013 8:23 PM, "Tony Arcieri" <bascule at gmail.com> wrote:

> On Wed, Oct 16, 2013 at 9:57 AM, Laurent Alebarde <l.alebarde at free.fr>
> wrote:
> > Please, keep the public key secret.
>
> This is where you really need to take a step back and look at the threat
> model.
>
> Keep the public key secret from whom? You can't keep it secret from
> someone who wants to perform a Diffie-Hellman handshake, since it's
> one of the operands of Curve25519 scalar multiplication.
>
> What is the use case for verifying the authenticity of the public key
> in which you would also like to keep the public key secret?
>
> --
> Tony Arcieri
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev at lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20131016/a07a9f6e/attachment.htm>


More information about the zeromq-dev mailing list