Key exchange

Phillips, Matthew Matthew.Phillips at dsto.defence.gov.au
Thu Aug 15 14:50:34 EST 2002


Hi all,

I've been looking at the import/export of keys for secure notifications so
we can easily get the various ticker clients talking clandestinely to each
other. My travels through crypto-land indicate that there are standard
formats for keys such as PKCS12 that not only allow key export, but also
certificate chains that validate the keys (i.e. signed keys). However, none of
the key types supported (such as DSA or DER) include the SHA1 key pairs that
Elvin uses (presumably because this way of generating key pairs is not
useful in a "real" asymmetric crypto algorithm).

So I'm going to propose a simple format for key exchange in the meantime. An
example:

---------- BEGIN ELVIN KEY ----------
Name: DSTO Private Key
Type: PRIVATE
Value: DEADBEEF1234567890CAFEBABEETCETCETCETCETCETCETC
---------- END ELVIN KEY ----------

Name is the mnemonic name of the key (clients should try to preserve it, but
it doesn't affect the key itself).
Type is either "PRIVATE" or "PUBLIC" - should be self-explanatory.
Value is the hex-encoded value of the key.

Comments?

Matthew.
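
A strict parser for the key block format proposed in the message above, as an added example that is not part of the original post or of any Elvin or ticker code. Exact delimiter matching, rejecting duplicate or unknown fields, and ignoring text outside a block are assumptions made here; the sample key is constructed.

```python
import binascii
from typing import NamedTuple

BEGIN = "-" * 10 + " BEGIN ELVIN KEY " + "-" * 10
END = "-" * 10 + " END ELVIN KEY " + "-" * 10
FIELDS = ("Name", "Type", "Value")

class ElvinKey(NamedTuple):
    name: str
    type: str      # "PRIVATE" or "PUBLIC"
    value: bytes   # decoded from the hex Value field

def parse_elvin_keys(text):
    """Return every key block in text; raise ValueError on a malformed block."""
    keys, fields = [], None   # fields is None outside a block (such text is ignored)
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line == BEGIN:
            if fields is not None:
                raise ValueError(f"line {lineno}: BEGIN inside an open block")
            fields = {}
        elif line == END:
            if fields is None or set(fields) != set(FIELDS):
                raise ValueError(f"line {lineno}: END without BEGIN or missing field")
            if fields["Type"] not in ("PRIVATE", "PUBLIC"):
                raise ValueError(f"line {lineno}: bad Type {fields['Type']!r}")
            try:
                value = binascii.unhexlify(fields["Value"])  # rejects non-hex, odd length
            except ValueError as exc:
                raise ValueError(f"line {lineno}: Value is not hex") from exc
            keys.append(ElvinKey(fields["Name"], fields["Type"], value))
            fields = None
        elif fields is not None and line:
            key, sep, val = line.partition(":")
            if not sep or key not in FIELDS or key in fields:
                raise ValueError(f"line {lineno}: unexpected line {line!r}")
            fields[key] = val.strip()
    if fields is not None:
        raise ValueError("unterminated key block")
    return keys

# Constructed sample, not a real key.
SAMPLE = f"""{BEGIN}
Name: Example Public Key
Type: PUBLIC
Value: DEADBEEF1234567890CAFEBABE
{END}
"""
```

The Value in the message's own example ends in placeholder text rather than hex digits, so this parser rejects it as written.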




