M Taylor [EMAIL PROTECTED] writes:
On Fri, Sep 26, 2003 at 06:26:16PM -0700, Joseph Ashwood wrote:
Both SSL and SSH have had their security
problems . . , as perfect as Peter Gutmann would let us believe.
They may not be perfect but in neither case can Mallet do as much damage as
Jeroen C.van Gelderen wrote:
On Saturday, Sep 27, 2003, at 15:48 US/Eastern,
[EMAIL PROTECTED] wrote:
You have not met my users!
Indeed, but I'm here to learn :)
...
something is wrong. Why would she click YES?
...
Because I'm an optimist I believe that Alice will read the dialog
Hi,
Apologies in advance for the vagueness of the question...
Talking to a friend the other day, he was telling me about a potential
loophole with SHA-1 hashes protected by an RSA signature. Basically, he
seemed to think that with an SHA hash of a suitable length (say, 2^20), the
hash could be
On Saturday, Sep 27, 2003, at 20:31 US/Eastern, Zooko wrote:
Jeroen C. van Gelderen [EMAIL PROTECTED] wrote:
There is no way around asking the user because he is the ultimate
authority when it comes to making trust decisions. (Side-stepping the
issues in a (corporate) environment where the owner
On Sat, Sep 27, 2003 at 07:58:14PM +0100, M Taylor wrote:
Perhaps a HMAC per chunk, rather than per the payload of a single UDP
datagram. I suspect per every 5 UDP datagrams, roughly ~7000 bytes of
payload may work. This will increase latency.
That would not work either. It would have the
I promised some links about the 5/6 cloning figure. You've had a few
experimental ones, here are some theory ones.
Cloning machines:
http://www.fi.muni.cz/usr/buzek/mypapers/96pra1844.pdf
Theoretically optimal cloning machines:
http://www.gap-optique.unige.ch/Publications/Pdf/PRL02153.pdf
1/6
M Taylor wrote:
Oh, and they fixed their flaws. SSHv1 is not recommended for use at all,
and most systems use SSHv2 now which is based upon a draft IETF standard.
SSL went through SSLv1, SSLv2, SSLv3, TLSv1.0, and TLSv1.1 is a draft IETF
standard.
It is curious, is it not, that there has
At 8:12 AM -0700 9/27/03, [EMAIL PROTECTED] wrote:
On Fri, 26 Sep 2003, Bill Frantz wrote:
The real problem is that the viewer software, whether it is an editor, PDF
viewer, or a computer language interpreter, runs with ALL the user's
privileges. If we ran these programs with a minimum of
At 11:53 PM 9/27/2003 +0100, Paul Walker wrote:
Talking to a friend the other day, he was telling me about a potential
loophole with SHA-1 hashes protected by an RSA signature. Basically, he
seemed to think that with an SHA hash of a suitable length (say, 2^20), the
hash could be cubed and still
On Mon, Sep 29, 2003 at 08:33:59AM +1000, Greg Rose wrote:
common values. It also relies on using some rawly implemented RSA, so that
all that is in the RSA payload is the hash, and nothing else. This
violates all the standards that specify that the payload should be padded
The code which
10 matches
Mail list logo