Re: Is SSL dead?

1999-10-08 Thread Steve Reid
On Wed, Oct 06, 1999 at 06:28:45PM -0700, Greg Broiles wrote: This deserves further explanation. In order to begin an SSL session, the server must present its public key and its site certificate to the client. I think you're missing the point of the article. The issue is, what happens when

TIPEM compatible lib?

1999-10-08 Thread Lucky Green
I am looking for a TIPEM 2.x API compatible free crypto library. Any pointers? Thanks, --Lucky Green [EMAIL PROTECTED]

RE: Is SSL dead?

1999-10-08 Thread Bill Stewart
At 04:35 PM 10/6/99 , Phillip Hallam-Baker wrote: This is a problem with SSL 2.0 first discovered by Simon Spero then at EIT. It was fixed in SSL 3.0, that must be almost three years ago. The server certificate now binds the public key to a specific Web server address. That means that you can

graphical authentication

1999-10-08 Thread Julian Assange
Mention was made recently of a graphical keying method out of stanford (?) for palm-pilots. Does anyone have a reference or url for the paper/code involved? Cheers, Julian.

Re: Is SSL dead?

1999-10-08 Thread EKR
Bill Stewart [EMAIL PROTECTED] writes: At 04:35 PM 10/6/99 , Phillip Hallam-Baker wrote: This is a problem with SSL 2.0 first discovered by Simon Spero then at EIT. It was fixed in SSL 3.0, that must be almost three years ago. The server certificate now binds the public key to a specific Web

Re: graphical authentication

1999-10-08 Thread evan . cordes
From: Julian Assange [EMAIL PROTECTED] Mention was made recently of a graphical keying method out of stanford (?) for palm-pilots. Does anyone have a reference or url for the paper/code involved? The paper was presented at USENIX's security '99, and available in ps/pdf on Avi Rubin's

Re: Is SSL dead?

1999-10-08 Thread Steven M. Bellovin
In message [EMAIL PROTECTED], Bill Stewart writes: At 04:35 PM 10/6/99 , Phillip Hallam-Baker wrote: That means that you can only succeed against web-users whose browsers still accept SSL2.0, which is most Netscape users by default; I don't know if IE also defaults to that, but it probably

[SFBCA] SF Bay Area Cypherpunks 09 October 1999 Meeting

1999-10-08 Thread Bill Stewart
SF Bay Area Cypherpunks October 1999 Physical Meeting Announcement General Info: Sat 9 October 1999 1:00 - 6:00 PM Mrs. Fields' Cookies shop, near the payphones* Embarcadero 4, Embarcadero Center complex - Ground floor, North side, a few paces east of Drumm and Washington St. -

Disappearing, Inc.

1999-10-08 Thread Dave Del Torto
In the news today: another unknown entity purporting to create secure email. Company Name: "Disappearing, Inc." (cute...) Angle: "shredding" email so it can't linger forever (nothing new to PGP users who've forgotten their passphrase ;). Technology: unknown. Technical Team: unknown. Source