[cryptography] Repeated Encryptions Considered.... ?
pgut001 at cs.auckland.ac.nz
Wed Jun 22 08:22:09 EDT 2011
Ian G <iang at iang.org> writes:
>The typical reasons for not using TLS would be
>(c) it only delivers a relatively small subset of a fuller security model.
That's a legitimate reason for using JS crypto. What TLS gives you is the
archetypal armoured car from the guy who lives on a cardboard box to the guy
who lives in a park bench, while JS crypto of the PDU gives you crypto from
the teller at park-box-guy's bank to the teller at cardboard-bench-guy's bank.
Using both is perfectly sound, TLS provides the blanket protection against
passive eavesdroppers and the JS PDU-encryption protects the message as a
whole from endpoint to endpoint.
More information about the cryptography