Just from a quick scan of the RFC: this seems to generate the encrypted session key directly from the public key of the recipient somehow. This also seems to be an attempt to standardize generating the public/secret keypair from something like a passphrase.
Traditionally you generate a random session key and then encrypt it using the public key of the recipient. The public/secret keypair is generated standalone where you optionally encrypt the secret bit of the keypair separately with a passphrase.
Not yet sure how this scheme would work in practice and what the advantage is...
Traditionally you generate a random session key and then encrypt it using the public key of the recipient. The public/secret keypair is generated standalone where you optionally encrypt the secret bit of the keypair separately with a passphrase.
Not yet sure how this scheme would work in practice and what the advantage is...