[Mono-dev] RSA and ECDH
Edward Ned Harvey (mono)
edward.harvey.mono at clevertrove.com
Mon Feb 17 16:38:29 UTC 2014
> From: mono-devel-list-bounces at lists.ximian.com [mailto:mono-devel-list-
> bounces at lists.ximian.com] On Behalf Of Edward Ned Harvey (mono)
> > From: Sebastien Pouliot [mailto:sebastien.pouliot at gmail.com]
> > Please re-read the TLS RFC (any of them) and tell me where you need to
> > _generate_ an RSA keypair to establish an SSL/TLS connection ?!?
Just in case anyone is wondering, Sebastien is right. "Re-read the spec" is the answer. ;-) In SSL/TLS, the server and client do not *both* need a keypair. During handshake, the server & client each send each other some random bytes. And then the client generates some more random bytes (the pre-master secret), and sends to the server encrypted by the server's public key. From all the random bytes and pre-master secret, the server & client are both able to generate the master secret and session keys.
Thanks, Sebastien. ;-)
More information about the Mono-devel-list