On Wed, May 23, 2007 at 06:34:26PM +0200, Florian Weimer wrote:
* Victor Duchovni:
That's good of you not to expect it, given that zero of the major CAs
seem to support ECC certs today, and even if they did, those certs
would not work in IE on XP.
We are not talking about this year
At 6:34 PM +0200 5/23/07, Florian Weimer wrote:
* Victor Duchovni:
That's good of you not to expect it, given that zero of the major CAs
seem to support ECC certs today, and even if they did, those certs
would not work in IE on XP.
We are not talking about this year or next of course. My
Anne Lynn Wheeler wrote:
for other topic drift ... a recent post with some DNS related trivia ...
more than a decade before DNS (about half-way down the post mentioning former
MIT student)
http://www.garlic.com/~lynn/2007k.html#33 Even worse than UNIX
and for other topic drift, old email
--
Anne Lynn Wheeler wrote:
So one of the proposals (somewhat backed by the domain
name certification authority industry) is that domain
name owners place a public key on file when they
register a domain name with the domain name
infrastructure. They all future communication with the
James A. Donald wrote:
The problem is organizational. To get one decision
centrally made and imposed on everyone requires a
central body capable of making decisions and imposing
them on everyone, and before it can get that authority,
that central body usually has to raze Atlanta and burn
the
I have posted my ideas on defensive use of crypto here:
https://www.subspacefield.org/security/cgi-bin/moin.py/CryptoMaxims
This is not about cipher design, it's more about protocol design
and implementation.
Everyone here is welcome to edit it as they see fit; questions and
answers, discussion
Anne Lynn Wheeler [EMAIL PROTECTED] writes:
of course ... the whole licenses/credentials/certificates are an offline
world paradigm licensing, credentialing, and certifications can be
validated with online, real-time operations ... obsoleting any requirement for
supporting offline
[EMAIL PROTECTED] (Peter Gutmann) writes:
I would go further and say that for most applications of PKCs/PKI
today, 1024- bit RSA keys are not a risk at all, or more
specifically that on a scale of risk they're so far down the list
that they're close to negligible. As numerous security HCI
Paul Hoffman wrote:
At 6:34 PM +0200 5/23/07, Florian Weimer wrote:
But no one is issuing certificates which are suitable for use with
SMTP (in the sense that the CA provides a security benefit).
No one? I thought that VeriSign and others did, at least a few years ago.
FWIW, last year we
re:
http://www.garlic.com/~lynn/aadsm27.htm#14 307 digit number factored
http://www.garlic.com/~lynn/aadsm27.htm#15 307 digit number factored
http://www.garlic.com/~lynn/aadsm27.htm#16 dnssec?
http://www.garlic.com/~lynn/aadsm27.htm#17 dnssec?
http://www.garlic.com/~lynn/aadsm27.htm#19 307 digit
10 matches
Mail list logo