SSL is layered on top of TCP, and then one layers one's
actual protocol on top of SSL, with the result that a
transaction involves a painfully large number of round
trips.
Perhaps theoretically painful, but in practice this is not the case;
commerce on the web is the counter-example. The
James A. Donald:
SSL is layered on top of TCP, and then one layers
one's actual protocol on top of SSL, with the result
that a transaction involves a painfully large number
of round trips.
Richard Salz wrote:
Perhaps theoretically painful, but in practice this is
not the case; commerce on
Hi,
SSL key distribution and management is horribly broken,
with the result that everyone winds up using plaintext
when they should not.
Yes, sending client certificates in plaintext while claiming that SSL/TLS is
secure doesn't work in a world of phishing and identity theft anymore.
We
At Wed, 30 Jan 2008 09:04:37 +1000,
James A. Donald wrote:
Ivan Krstic' wrote:
Some number of these muppets approached me over the
last couple of years offering to donate a free license
for their excellent products. I used to be more polite
about it, but nowadays I ask that they
Why require contactless in the first place?
Is swiping one's card, credit-card style too difficult for the average
user? I'm thinking two parallel copper traces on the card could be
used to power it for the duration of the swipe, with power provided
by the reader. Why, in a
James A. Donald:
SSL is layered on top of TCP, and then one layers
one's actual protocol on top of SSL, with the result
that a transaction involves a painfully large number
of round trips.
Richard Salz wrote:
Perhaps theoretically painful, but in practice this is
not the case;
James A. Donald [EMAIL PROTECTED] writes:
James A. Donald:
SSL is layered on top of TCP, and then one layers
one's actual protocol on top of SSL, with the result
that a transaction involves a painfully large number
of round trips.
Richard Salz wrote:
Perhaps theoretically painful, but in
I don't disagree with your posting in general. I will note one thing:
Steven M. Bellovin [EMAIL PROTECTED] writes:
A transit system has to move people. For all that the New York City
Metrocard works, it's slower than a contactless wireless system.
As a consultant, I happen to have a lot of
On Jan 27, 2008 11:18 AM, zooko [EMAIL PROTECTED] wrote:
[adding Cc: p2p-hackers and cryptography mailing lists as explained
below; Please trim your follow-ups as appropriate.]
On Jan 26, 2008, at 9:44 PM, Gary Sumner wrote:
Surely there must be prior art on this technique to refute this
Folks on this list and its progenitors have long noted that
cryptography is a matter of economics.
Agreed, but using an insecure technology doesn't make sense from even an
economic perspective. They spent enough money that they could have
implemented a secure system, but instead, made two
On Tue, 29 Jan 2008, John Denker wrote:
The foregoing makes sense, and is in extreme contrast to the situation
I am faced with, where Joe logs in with the help of Jane, and then
Jane leaves. Jane has not the slightest control over what Joe does
while logged in. I don't see a sane procedure
Philipp Gühring wrote:
Yes, sending client certificates in plaintext while claiming that SSL/TLS is
secure doesn't work in a world of phishing and identity theft anymore.
We have the paradox situation that I have to tell people that they should use
HTTPS with server-certificates and
At Wed, 30 Jan 2008 17:59:51 -,
Dave Korn wrote:
On 30 January 2008 17:03, Eric Rescorla wrote:
We really do need to reinvent and replace SSL/TCP,
though doing it right is a hard problem that takes more
than morning coffee.
TCP could need some stronger integrity protection. 8
On 30 January 2008 17:01, Jim Cheesman wrote:
James A. Donald:
SSL is layered on top of TCP, and then one layers
one's actual protocol on top of SSL, with the result
that a transaction involves a painfully large number
of round trips.
Richard Salz wrote:
Perhaps theoretically painful,
On 30 January 2008 17:03, Perry E. Metzger wrote:
My main point here was, in fact, quite related to yours, and one that
we make over and over again -- innovation in such systems for its own
sake is also not economically efficient or engineering smart.
Hear hear! This maxim should be
On 30 January 2008 17:03, Eric Rescorla wrote:
We really do need to reinvent and replace SSL/TCP,
though doing it right is a hard problem that takes more
than morning coffee.
TCP could need some stronger integrity protection. 8 Bits of checksum isn't
enough in reality. (1 out of 256
16 matches