On Wed, Oct 06, 1999 at 06:28:45PM -0700, Greg Broiles wrote:
This deserves further explanation. In order to begin an SSL session, the
server must present its public key and its site certificate to the client.
I think you're missing the point of the article. The issue is, what
happens when
I am looking for a TIPEM 2.x API compatible free crypto library. Any
pointers?
Thanks,
--Lucky Green [EMAIL PROTECTED]
At 04:35 PM 10/6/99 , Phillip Hallam-Baker wrote:
This is a problem with SSL 2.0 first discovered by Simon Spero then at EIT.
It was fixed in SSL 3.0, that must be almost three years ago.
The server certificate now binds the public key to a specific Web server
address.
That means that you can
Mention was made recently of a graphical keying method out of stanford (?) for
palm-pilots. Does anyone have a reference or url for the paper/code involved?
Cheers,
Julian.
Bill Stewart [EMAIL PROTECTED] writes:
At 04:35 PM 10/6/99 , Phillip Hallam-Baker wrote:
This is a problem with SSL 2.0 first discovered by Simon Spero then at EIT.
It was fixed in SSL 3.0, that must be almost three years ago.
The server certificate now binds the public key to a specific Web
From: Julian Assange [EMAIL PROTECTED]
Mention was made recently of a graphical keying method out of stanford (?) for
palm-pilots. Does anyone have a reference or url for the paper/code involved?
The paper was presented at USENIX's security '99, and available in
ps/pdf on Avi Rubin's
In message [EMAIL PROTECTED], Bill Stewart writes:
At 04:35 PM 10/6/99 , Phillip Hallam-Baker wrote:
That means that you can only succeed against web-users whose browsers
still accept SSL2.0, which is most Netscape users by default;
I don't know if IE also defaults to that, but it probably
SF Bay Area Cypherpunks
October 1999 Physical Meeting Announcement
General Info:
Sat 9 October 1999
1:00 - 6:00 PM
Mrs. Fields' Cookies shop, near the payphones*
Embarcadero 4, Embarcadero Center complex
- Ground floor, North side, a few paces east of Drumm and Washington St.
-
In the news today: another unknown entity purporting to create secure email.
Company Name: "Disappearing, Inc." (cute...)
Angle: "shredding" email so it can't linger forever (nothing new to
PGP users who've forgotten their passphrase ;).
Technology: unknown.
Technical Team: unknown.
Source