"known in advance" public key authentication?

Graham Murray GMurray at webwayone.co.uk
Wed Nov 7 16:06:25 CET 2012


On Wed, 2012-11-07 at 14:33 +0000, Ivan Shmakov wrote:
> 	For my application, I need to establish a secure communication
> 	between two peers, and as it seems, TLS is a perfect fit for
> 	that.
> 
> 	A feature of this application is that the public keys of the
> 	peers are effectively “known in advance”, so, while self-signed
> 	(unsigned?) X.509 certificates (or some OpenPGP ones) could be
> 	employed, there's no practical benefit from CC/WoT verification.
> 
> 	Hence, the question is: is there a way to specify the local key
> 	pair and the remote public key to GnuTLS “directly”, just prior
> 	to connecting to the remote?

Would PSK not do what you want?



