[openssl-users] RFC5077 ticket construction help
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Mar 28 16:52:31 UTC 2018
> On Mar 28, 2018, at 12:46 PM, Michael Sierchio <kudzu at tenebras.com> wrote:
>
> It would make more sense, but you're changing the problem definition. Needham-Schroeder is intended to be used over an insecure network.
I'm guessing that C's purpose is issuance of client credentials.
If the requirement is to avoid PKI, then TLS is not the protocol
one wants to use. Use GSSAPI, say via libknc:
https://github.com/elric1/knc/tree/master/lib
--
Viktor.
More information about the openssl-users
mailing list