Re: [Cryptography] RSA recommends against use of its own products.

2013-10-02 Thread John Lowry
BBN has created three ASN.1 code generators over time and even released a couple. (ASN.1 to C, C++, and Java). I believe that DER to support typical X.509 management is the easiest subset. I can check on status for release to open source if there is interest. It has been available as part of

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-29 Thread James A. Donald
On 2013-09-27 09:54, Phillip Hallam-Baker wrote: Quite, who on earth thought DER encoding was necessary or anything other than incredible stupidity? I have yet to see an example of code in the wild that takes a binary data structure, strips it apart and then attempts to reassemble it to

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-29 Thread Jerry Leichter
On Sep 26, 2013, at 7:54 PM, Phillip Hallam-Baker wrote: ...[W]ho on earth thought DER encoding was necessary or anything other than incredible stupidity?... It's standard. :-) We've been through two rounds of standard data interchange representations: 1. Network connections are slow,

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-29 Thread Peter Gutmann
Phillip Hallam-Baker hal...@gmail.com writes: Quite, who on earth thought DER encoding was necessary or anything other than incredible stupidity? At least some X.500/LDAP folks thought they could do it. Mind you, we're talking about people who believe in X.500/LDAP here... Peter.

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-29 Thread James A. Donald
On 2013-09-29 23:13, Jerry Leichter wrote: BTW, the *idea* behind DER isn't inherently bad - but the way it ended up is another story. For a comparison, look at the encodings Knuth came up with in the TeX world. Both dvi and pk files are extremely compact binary representations - but

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-28 Thread Dave Horsfall
On Thu, 26 Sep 2013, ianG wrote: Right, scratch the Brits and the French. Maybe AU, NZ? I don't know. Maybe the Germans / Dutch / Austrians. At the risk of getting political, I'd recommend against AU (I live there). Our new gummint has already shown that it will put its own interests ahead

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-26 Thread Peter Gutmann
Kristian Gjøsteen kristian.gjost...@math.ntnu.no writes: (For what it's worth, I discounted the press reports about a trapdoor in Dual-EC-DRBG because I didn't think anyone would be daft enough to use it. I was wrong.) +1. It's the Vinny Gambini effect (from the film My

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-26 Thread Peter Gutmann
ianG i...@iang.org writes: Well, defaults being defaults, we can assume most people have left it in default mode. I suppose we could ask for research on this question, but I'm going to guess: most. “Software Defaults as De Facto Regulation: The Case of Wireless APs”, Rajiv Shah and

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-26 Thread ianG
On 25/09/13 21:12 PM, Jerry Leichter wrote: On Sep 25, 2013, at 12:31 PM, ianG i...@iang.org wrote: ... My conclusion is: avoid all USA, Inc, providers of cryptographic products. In favor of ... who? Ah well, that is the sticky question. If we accept the conclusion, I see these

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-26 Thread ianG
On 26/09/13 02:32 AM, Peter Gutmann wrote: ianG i...@iang.org writes: Well, defaults being defaults, we can assume most people have left it in default mode. I suppose we could ask for research on this question, but I'm going to guess: most. “Software Defaults as De Facto Regulation: The

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-25 Thread Alan Braggins
On 24 September 2013 17:01, Jerry Leichter leich...@lrw.com wrote: On Sep 23, 2013, at 4:20 AM, ianG i...@iang.org wrote: ... But they made Dual EC DRBG the default ... At the time this default was chosen (2005 or thereabouts), it was *not* a mistake.

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-25 Thread ianG
Hi Jerry, I appreciate the devil's advocate approach here, it has helped to get my thoughts in order! Thanks! My conclusion is: avoid all USA, Inc, providers of cryptographic products. Argumentation follows... On 24/09/13 19:01 PM, Jerry Leichter wrote: On Sep 23, 2013, at 4:20 AM,

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-25 Thread Kristian Gjøsteen
On 24 Sep 2013, at 18:01, Jerry Leichter leich...@lrw.com wrote: At the time this default was chosen (2005 or thereabouts), it was *not* a mistake. Dual EC DRBG was in a just-published NIST standard. ECC was hot as the best of the new stuff - with endorsements not just from NSA but from

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-24 Thread ianG
On 22/09/13 16:43 PM, Jerry Leichter wrote: On Sep 20, 2013, at 2:08 PM, Ray Dillinger wrote: More fuel for the fire... http://rt.com/usa/nsa-weak-cryptography-rsa-110/ RSA today declared its own BSAFE toolkit and all versions of its Data Protection Manager insecure, recommending that all

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-22 Thread Jerry Leichter
On Sep 20, 2013, at 2:08 PM, Ray Dillinger wrote: More fuel for the fire... http://rt.com/usa/nsa-weak-cryptography-rsa-110/ RSA today declared its own BSAFE toolkit and all versions of its Data Protection Manager insecure, recommending that all customers immediately discontinue use of

Re: [Cryptography] RSA recommends against use of its own products.

2013-09-21 Thread Ray Dillinger
*1 Anyone who attempts to generate random numbers by deterministic means is, of course, living in a state of sin. -- John Von Neumann That said, it seems that most of these attacks on Pseudorandom generators, some of which are deliberately flawed, can be ameliorated somewhat by using