<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#ffffff">
On 03/19/2009 04:19 PM, Ben Laurie:
<blockquote
cite="mid:1b587cab0903190719o6e929ff8oa9198ccdf20bbf9@mail.gmail.com"
type="cite">
<pre wrap="">On Thu, Mar 19, 2009 at 2:17 PM, Andrew Arnott <a class="moz-txt-link-rfc2396E" href="mailto:andrewarnott@gmail.com"><andrewarnott@gmail.com></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Maybe it's just me, but I don't like the terminology we're using. DH and
SSL are only redundant when used together.
</pre>
</blockquote>
<pre wrap="">
I don't understand why. As I said, DH over SSL gives you a shared
secret, which SSL alone does not.
</pre>
</blockquote>
<br>
Exactly!<br>
<br>
<blockquote
cite="mid:1b587cab0903190719o6e929ff8oa9198ccdf20bbf9@mail.gmail.com"
type="cite">
<pre wrap="">But does not protect against MitM, and so is not equivalent. Which is
not what "complementary" means to me.</pre>
</blockquote>
<br>
+1<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, <a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>Jabber: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Phone: </td>
<td>+1.213.341.0390</td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>
</html>