Design goals

These are the design goals for the PGP authentication type:

• There should be automatic public key transfers if the client or server does not have the public key of the other party.
• Replay attacks must be prevented.
• Organizations already using PGP, should be able to use their existing public keys and introducers.
• Must be compatible with existing authentication standards and it should be easy to extend existing implementation with this authentication type.
• Exchange secret session keys for bulk data encryption and integrity protection.