Subject Re: [Firebird-Architect] RC4
Author Olivier Mascia
On 14 Nov 2010, at 19:39, Jim Starkey wrote:

> Here is the architecture:
>
> 1. Servers generate RSA key pairs at startup time. They may, if they
> wish, generate new key pairs anytime they wish.
> 2. On first connection to a server, the client is given the server's
> public key and a list of supported encryption algorithms.
> 3. The client selects an algorithm, generates a one-time session key
> using a secure random number generator, encrypts the algorithm
> type and session key using the server's public key, and sends the
> gook to the server.
> 4. The server decrypts the gook with its private key.

Well, this is the SSL/TLS principle. Wouldn't it be preferable to reuse SSL/TLS? What rationale commands designing and implementing a private scheme for exchanging the initial random session keys?


Olivier Mascia
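
The four quoted steps, written out as an added Go example (not code from this thread or from Firebird). RSA-OAEP, the 16-byte session key, the `AES-128` list entry and all function names are assumptions of the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

var algs = []string{"RC4", "AES-128"} // assumed list; the page names only RC4

// Server holds the RSA key pair generated at startup (step 1).
type Server struct{ key *rsa.PrivateKey }

func NewServer() (*Server, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Server{key: key}, err
}

// Hello is step 2: the public key and the supported algorithms.
func (s *Server) Hello() (*rsa.PublicKey, []string) { return &s.key.PublicKey, algs }

// ClientExchange is step 3: pick an algorithm, draw a one-time session key from
// the CSPRNG, encrypt both. RSA-OAEP and the 16-byte key are assumptions.
func ClientExchange(pub *rsa.PublicKey, offered []string, pick int) (key, blob []byte, err error) {
	if pick < 0 || pick >= len(offered) {
		return nil, nil, fmt.Errorf("algorithm %d not offered by server", pick)
	}
	key = make([]byte, 16)
	if _, err = rand.Read(key); err == nil {
		blob, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, append([]byte{byte(pick)}, key...), nil)
	}
	return key, blob, err
}

// Accept is step 4: decrypt with the private key, then validate the contents.
func (s *Server) Accept(blob []byte) (string, []byte, error) {
	msg, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.key, blob, nil)
	if err != nil || len(msg) != 17 || int(msg[0]) >= len(algs) {
		return "", nil, fmt.Errorf("key exchange rejected")
	}
	return algs[msg[0]], msg[1:], nil
}

func main() {
	srv, _ := NewServer()
	pub, offered := srv.Hello()
	_, blob, _ := ClientExchange(pub, offered, 0)
	fmt.Println(srv.Accept(blob))
}
```

Nothing in these steps lets the client verify that the public key it received belongs to the intended server; certificate-based server authentication is the part SSL/TLS adds on top of this exchange.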