Hadmut Danisch wrote:
On Thu, Sep 16, 2004 at 12:41:41AM +0100, Ian Grigg wrote:
It occurs to me that a number of these ideas could
be written up over time ... a wiki, anyone? I think
it is high past time to start documenting crypto
patterns.
Wikis are not that good for discussions, and I do
On Thu, Sep 16, 2004 at 12:41:41AM +0100, Ian Grigg wrote:
It occurs to me that a number of these ideas could
be written up over time ... a wiki, anyone? I think
it is high past time to start documenting crypto
patterns.
Wikis are not that good for discussions, and I do believe
that this
On 2004, Sep 11, , at 17:20, Sandy Harris wrote:
Zooko O'Whielcronx wrote:
I believe that in the context of e-mail [1, 2, 3, 4] and FreeSWAN
this is called opportunistic encryption.
That is certainly not what FreeS/WAN meant by opportunistic
encryption.
In message [EMAIL PROTECTED], Peter Gutmann writes:
Eugen Leitl [EMAIL PROTECTED] writes:
Maybe it's worth doing some sort of generic RFC for this security model to
avoid scattering the same thing over a pile of IETF WGs, things like the
general operational principles (store a hash of the
Steven M. Bellovin [EMAIL PROTECTED] writes:
Maybe it's worth doing some sort of generic RFC for this security model to
avoid scattering the same thing over a pile of IETF WGs,
Sounds good. Who wants to write it...?
Since there seems to be at least some interest in this, I'll make a start on
Tim == Tim Shepard [EMAIL PROTECTED] writes:
Tim Sam said:
No. opportunistic encryption means I have retrieved a key or
cert for the other party, but do not know whether it is
actually the right cert.
Tim If the key is retrieved from the other end of a TCP
Tim
At 11:45 AM 9/12/2004, Sam Hartman wrote:
No. opportunistic encryption means I have retrieved a key or cert for
the other party, but do not know whether it is actually the right
cert. This is slightly different although at the level of current
discussion it has the same security properties.
At 11:43 AM 9/11/2004, Peter Gutmann wrote:
So in other words it's the same baby-duck security model that's been quite
successfully used by SSH for about a decade, is also used in some SSL
implementations that don't just blindly trust anything with a certificate
(particularly popular with
From: Joe Touch [EMAIL PROTECTED]
Subject: Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd frTo:
Discussions of anonymous Internet security. [EMAIL PROTECTED]
Date: Fri, 10 Sep 2004 09:03:50 -0700
Reply-To: Discussions of anonymous Internet security. [EMAIL PROTECTED
At 12:57 PM 9/9/2004, Hal Finney wrote:
http://www.postel.org/anonsec
To clarify, this is not really anonymous in the usual sense. Rather it
is a proposal to an extension to IPsec to allow for unauthenticated
connections. Presently IPsec relies on either pre-shared secrets or a
trusted
Joe Touch [EMAIL PROTECTED] wrote:
The point has nothing to do with anonymity;
The last one, agreed. But the primary assumption is that we can avoid a
lot of infrastructure and impediment to deployment by treating an
ongoing conversation as a reason to trust an endpoint, rather than a
Zooko O'Whielcronx wrote:
On 2004, Sep 09, , at 16:57, Hal Finney wrote:
... an extension to IPsec to allow for unauthenticated
connections. Presently IPsec relies on either pre-shared secrets or a
trusted third party CA to authenticate the connection.
No. It can also use RSA public keys without
On Sat, Sep 11, 2004 at 11:38:00AM -0700, Joe Touch wrote:
Although anonymous access is not the primary goal, it is a feature
of the solution.
The access is _not_ anonymous. The originator's IP, ISP call traces,
phone access records will be all over it and associated audit logs.
And you
On Fri, 10 Sep 2004, Eugen Leitl wrote:
From: Joe Touch [EMAIL PROTECTED]
To clarify, this is not really anonymous in the usual sense.
It does not authenticate the endpoint's identification, other than same
place I had been talking to.
That's pseudonymity, not anonymity.
There's no
The IETF has been discussing setting up a working group
for anonymous IPSec. They will have a BOF at the next IETF
in DC in November. They're also setting up a mailing list you
might be interested in if you haven't heard about it already.
...
http://www.postel.org/anonsec
To
15 matches
Mail list logo