Re: anonymous DH MITM

2003-10-04 Thread Tim Dierks
I'm lost in a twisty page of MITM passages, all alike. My point was that in an anonymous protocol, for Alice to communicate with Mallet is equivalent to communicating with Bob, since the protocol is anonymous: there is no distinction. All the concept of MITM is intended to convey is that in an

Re: anonymous DH MITM

2003-10-04 Thread bear
On Fri, 3 Oct 2003, Benja Fallenstein wrote: bear wrote: Why should this not be applicable to chess? There's nothing to prevent the two contestants from making nonce transmissions twice a move when it's not their turn. I.e., you would need a protocol extension to verify the nonces

Re: anonymous DH MITM

2003-10-04 Thread Jerrold Leichter
| From: Tim Dierks [EMAIL PROTECTED]
|
| I'm lost in a twisty page of MITM passages, all alike.
|
| My point was that in an anonymous protocol, for Alice to communicate with
| Mallet is equivalent to communicating with Bob, since the protocol is
| anonymous: there is no distinction. All the

Re: Protocol implementation errors

2003-10-04 Thread Peter Gutmann
Bill Frantz [EMAIL PROTECTED] writes: This is the second significant problem I have seen in applications that use ASN.1 data formats. (The first was in a widely deployed implementation of SNMP.) Given that good, security-conscious programmers have difficulty getting ASN.1 parsing right, we

OOAPI-SSL/TLS (Was: Simple SSL/TLS - Some Questions)

2003-10-04 Thread Hadmut Danisch
On Fri, Oct 03, 2003 at 05:55:25PM +0100, Jill Ramonsky wrote: Having been greatly encouraged by people on this list to go ahead with a new SSL implementation, That's a pretty good idea, I also encourage you (and volunteer to support). The main point of confusion/contention right now

Strong-Enough Pseudonymity as Functional Anonymity

2003-10-04 Thread Zooko O'Whielacronx
I can think of three different goals one could have for identifying the person behind a name. If goal A is possible, I say that the name was a verinym. If goal C is possible, I say that the name was a pseudonym. If none of the goals are possible, the transaction was anonymous. Unfortunately,

Re: anonymous DH MITM

2003-10-04 Thread Zooko O'Whielacronx
(about the Interlock Protocol) Benja wrote: The basic idea is that Alice sends *half* of her ciphertext, then Bob *half* of his, then Alice sends the other half and Bob sends the other half (each step is started only after the previous one was completed). The point is that having only

Re: Monoculture

2003-10-04 Thread Ben Laurie
Thor Lancelot Simon wrote: As far as what OpenSSL does, if you simply abandon outright any hope of acting as a certificate authority, etc. you can punt a huge amount of complexity; if you punt SSL, you'll lose quite a bit more. As far as the programming interface goes, I'd read Eric's book

Re: Monoculture

2003-10-04 Thread Ben Laurie
[EMAIL PROTECTED] wrote: On Thu, 2 Oct 2003, Thor Lancelot Simon wrote: 1) Creates a socket-like connection object 2) Allows configuration of the expected identity of the party at the other end, and, optionally, parameters like acceptable cipher suite 3) Connects, returning error if the

Re: Monoculture

2003-10-04 Thread Thor Lancelot Simon
On Sat, Oct 04, 2003 at 02:09:10PM +0100, Ben Laurie wrote: Thor Lancelot Simon wrote: As far as what OpenSSL does, if you simply abandon outright any hope of acting as a certificate authority, etc. you can punt a huge amount of complexity; if you punt SSL, you'll lose quite a bit more. As

Re: Strong-Enough Pseudonymity as Functional Anonymity

2003-10-04 Thread Ian Grigg
Zooko O'Whielacronx wrote: I imagine it might be nice to have Goal B achievable in a certain setting where Goal A remains unachievable. In a strictly theoretical sense, isn't this essentially the job of the (perfect) TTP? At least that's the way many protocols seem to brush away the

Re: anonymous DH MITM

2003-10-04 Thread Benja Fallenstein
bear wrote: On Fri, 3 Oct 2003, Benja Fallenstein wrote: bear wrote: Why should this not be applicable to chess? There's nothing to prevent the two contestants from making nonce transmissions twice a move when it's not their turn. I.e., you would need a protocol extension to verify the nonces

Re: OOAPI-SSL/TLS (Was: Simple SSL/TLS - Some Questions)

2003-10-04 Thread Zooko O'Whielacronx
Rich Salz wrote: You know about Wei's Crypto++, right? I use it and like it. I don't have to dig into the guts very often, which is good because I don't like mucking around in C++. You have to understand templates to understand the API. The docs are spartan, but the design is clean so it