On 2004, Sep 11, , at 17:20, Sandy Harris wrote:
Zooko O'Whielcronx wrote:
I believe that in the context of e-mail [1, 2, 3, 4] and FreeSWAN
this is called opportunistic encryption.
That is certainly not what FreeS/WAN meant by opportunistic
encryption.
In message [EMAIL PROTECTED], Peter Gutmann writes:
Eugen Leitl [EMAIL PROTECTED] writes:
Maybe it's worth doing some sort of generic RFC for this security model to
avoid scattering the same thing over a pile of IETF WGs, things like the
general operational principles (store a hash of the
http://www.nytimes.com/2004/09/12/opinion/12sun2.html?th=pagewanted=printposition=
The New York Times
September 12, 2004
On the Voting Machine Makers' Tab
As doubts have grown about the reliability of electronic voting, some of
its loudest defenders have been state and local election officials.
Hi,
I have some AES code here in C and I am trying to find it's author and
source. I can't find
it on the Internet so I figure it was taken from a book. Now I don't want
to send the entire
code to the list for obvious reasons however I was hoping you could help me
from the following
small
Steven M. Bellovin [EMAIL PROTECTED] writes:
Maybe it's worth doing some sort of generic RFC for this security model to
avoid scattering the same thing over a pile of IETF WGs,
Sounds good. Who wants to write it...?
Since there seems to be at least some interest in this, I'll make a start on
Tim == Tim Shepard [EMAIL PROTECTED] writes:
Tim Sam said:
No. opportunistic encryption means I have retrieved a key or
cert for the other party, but do not know whether it is
actually the right cert.
Tim If the key is retrieved from the other end of a TCP
Tim
At 11:45 AM 9/12/2004, Sam Hartman wrote:
No. opportunistic encryption means I have retrieved a key or cert for
the other party, but do not know whether it is actually the right
cert. This is slightly different although at the level of current
discussion it has the same security properties.
At 11:43 AM 9/11/2004, Peter Gutmann wrote:
So in other words it's the same baby-duck security model that's been quite
successfully used by SSH for about a decade, is also used in some SSL
implementations that don't just blindly trust anything with a certificate
(particularly popular with