
Re: nit-picky spec questions about connection protocol please....



On Wed, Jan 03, 2007 at 03:06:59PM -0500, Nick Mathewson wrote:
> The certificate with the short term connection key is signed by the
> identity key.
>
> > * Are all the aforementioned certs and keys mentioned above sent in
> > 'cells'?  Which cell types?  This was not specified.
>
> No.  This is part of the TLS handshake.  I'll try to make that clear
> if I can.

From what I know about TLS (I'm not a TLS expert.)...
The communication of the short term (RSA) connection key in a cert is not
really part of the TLS Handshake Protocol right?  The TLS Handshake Protocol
*just* uses identity (RSA public) keys to establish a symmetric session key
between a client and server right? ...Unless the TLS Handshake Protocol allows
peers to send additional info to each other as part of TLS I don't know about?

(Also, since EVERY connection needs to generate a short term RSA public/private
key pair....I hope RSA key pair generation is NOT expensive?)

Chris