On 09/03/2010 03:45 AM, Ben Laurie wrote:
That's the whole point - a hash function used on an arbitrary message
produces one of its possible outputs. Feed that hash back in and it
produces one of a subset of its possible outputs. Each time you do this,
you lose a little entropy (I can't
On 10/05/2010 02:04 PM, travis+ml-rbcryptogra...@subspacefield.org wrote:
I don't know if anyone else noticed this but...
Storage systems are basically a subclass of protocols; they're
unidirectional (with no acknowledgements). IOW, you're sending
messages to yourself at some (future) point in
On 10/06/2010 06:42 PM, silky wrote:
The core Tahoe developers promise never to change Tahoe-LAFS to
facilitate government access to data stored or transmitted by it. Even
if it were desirable to facilitate such access—which it is not—we
believe it would not be technically feasible to do so
On 11/18/2010 04:21 PM, Adam Back wrote:
So a serious question: is there a software company friendly jurisdiction?
As weird as it sounds, it seems that most politicians seem to think of
patents as being business friendly and lump them together under this
nebulous concept of intellectual
On 11/24/2010 02:11 PM, coderman wrote:
On Wed, Nov 24, 2010 at 2:49 AM, Marsh Rayma...@extendedsubset.com wrote:
(that's the abridged version. this is actually more complicated than
many assume, and i've written my own egd's in the past to meet need.)
Ya.
How does this feature interact
On 12/04/2010 03:08 PM, Jens Kubieziel wrote:
Hi,
recently I had a discussion about biometric data. The following problem
occured:
Assume someone wants to register at a website. He swipes his finger over
his fingerprint reader. The reader generates strong passphrase from the
fingerprint and
On 12/14/2010 09:11 PM, Rayservers wrote:
Moral: never depend on only one network security layer, and write and verify
your own crypto. Recall Debian and OpenSSL.
I think it's too early to draw conclusions from this.
I spent a good bit of time going through a bunch of the OpenBSD CVS
On 12/15/2010 01:38 AM, Peter Gutmann wrote:
This is one of those things where those who know the truth won't be able to
talk about it, and those who can openly talk about it don't know the truth.
Having pointed out that distinction, I'll now talk about it :-). It violates
the principle of
On 12/15/2010 02:31 AM, Jon Callas wrote:
But this way,
the slur has been made in a way that is impossible to discuss. I
think evidence is called for, or failing that, and actual description
of the flaw.
Hot off the presses. Haven't yet decided how much this counts for
information. But he
On 12/15/2010 02:36 PM, Jon Callas wrote:
Facts. I want facts. Failing facts, I want a *testable* accusation.
Failing that, I want a specific accusation.
How's this:
OpenBSD shipped with a bug which prevented effective IPsec ESP
authentication for a few releases overlapping the time period
On 12/16/2010 04:46 PM, Steven Bellovin wrote:
I've known Angelos Keromytis since about 1997; he's now a colleague
of mine on the faculty at Columbia. I've known John Ioannidis -- the
other name attached to that code -- for considerably longer. I've
written papers with both of them. To
On 12/17/2010 09:46 AM, Kevin W. Wall wrote:
I like it. And I propose that this be the 6 lines of code:
int a;
int b;
int c;
int d;
int e;
int f;
OK, so what's your solution then? :-)
Because of my style with C++, I've written lots of bugs
On 12/22/2010 10:53 PM, David-Sarah Hopwood wrote:
On 2010-12-22 18:39, Randall Webmail wrote:
OpenBSD Founder Believes FBI Built IPsec Backdoor
But Theo de Raadt said it is unlikely that the Federal Bureau of
Investigation's Internet protocol security code made it into the
final operating
On 12/30/2010 05:41 AM, Peter Gutmann wrote:
Francois Grieufgr...@gmail.com writes:
According to a presentation made at the 27th Chaos Communication Congress,
there is a serious bug in the code that was used to produce ECDSA signatures
for the PS3:
Haha, I just got a PS3 the other day. This
On 01/06/2011 10:27 AM, travis+ml-rbcryptogra...@subspacefield.org wrote:
On Thu, Jan 06, 2011 at 08:22:03AM -0800,
travis+ml-rbcryptogra...@subspacefield.org wrote:
Someone emailed into Security Now a while back, asking about workplace
surveys that are supposed to be anonymous, but have a
On 01/14/2011 06:13 PM, Jon Callas wrote:
This depends on what you mean by data integrity.
How about an attacker with write access to the disk is unable to modify
the protected data without detection?
In a strict, formal
way, where you'd want to have encryption and a MAC, the answer is
On 01/25/2011 09:50 PM, Peter Gutmann wrote:
This isn't one of those namby-pamby one-site phishing MITMs, this is a MITM of
an entire country:
http://www.theatlantic.com/technology/archive/2011/01/the-inside-story-of-how-facebook-responded-to-tunisian-hacks/70044/
For those who don't want to
On 01/28/2011 05:43 AM, Daniel Silverstone wrote:
On Thu, Jan 27, 2011 at 12:03:26PM +, Marsh Ray wrote:
[Disclaimer: I work for Simtec and worked on the Entropy Key. We are honestly
interested in frank and open discourse about the device and in that spirit, my
comments follow.]
Cool
On 04/18/2011 09:26 PM, Sandy Harris wrote:
In many situations, you have some sort of randomness pool
and some cryptographic operations that require random
numbers. One concern is whether there is enough entropy
to support the usage.
Is it useful to make the crypto throw something back
into the
On 06/05/2011 08:57 PM, David G. Koontz wrote:
On 5/06/11 6:26 PM, Peter Gutmann wrote:
That's the thing, you have to consider the threat model: If
anyone's really that desperately interested in watching your tweets
about what your cat's doing as you type them then there are far
easier attack
On 06/07/2011 02:01 PM, J.A. Terranson wrote:
On Tue, 7 Jun 2011, Nico Williams wrote:
TEMPEST.
I'd like keyboards with counter-measures (emanation of noise clicks)
or shielding to be on the market, and built-in for laptops.
Remember how well the original IBM PC clicky keyboard went over
On 06/09/2011 08:08 PM, Solar Designer wrote:
The rest of your numbers passed my double-checking just fine. BTW,
0.35 um process is not state of the art, so things might actually be
even worse.
(I never had an HP RPN calculator, but I still have two different
Soviet-made programmable RPN
Also a discussion on this going on at
http://news.ycombinator.com/item?id=2654586
On 06/14/2011 05:50 PM, Jack Lloyd wrote:
I discovered this a while back when I wrote a bcrypt implementation.
Unfortunately the only real specification seems to be 'what the
OpenBSD implementation does'.
That
On 06/15/2011 01:43 PM, markus reichelt wrote:
* Marsh Rayma...@extendedsubset.com wrote:
Note that this site is sourcing Google analytics.
... so?
A site can be no more secure than the places from which it sources
script (or just about any resource other than images). In all
On 06/16/2011 02:17 PM, Adam Back wrote:
Trust me the noise level on here is zero compared to usenet news
flame fests, spam, DoS etc. The maintainer is removing spam for one
(I think).
Anything looks acceptable if you're willing to set your standard of
comparison low enough.
Many of us aren't
On 06/20/2011 12:55 PM, Solar Designer wrote:
Yes, one lesson is that such pieces of code need more testing. Maybe
fuzzing with random inputs, including binary data, comparing them
against other existing implementations.
There are certainly more bugs lurking where the complex rules of
On 06/21/2011 12:18 PM, Ian G wrote:
On 18/06/11 8:16 PM, Marsh Ray wrote:
On 06/18/2011 03:08 PM, slinky wrote:
But we know there are still hundreds of
trusted root CAs, many from governments, that will silently install
themselves into Windows at the request of any website. Some
On 06/22/2011 07:17 AM, Peter Gutmann wrote:
Crypto API designed by an individual or a single organisation:
CryptoAPI: A handful of guys at Microsoft
I always kind of thought this one looked like someone went a little wild
with the UML modeling tools.
PKCS #11: Someone at RSA (I've heard
On 06/22/2011 10:04 AM, Marsh Ray wrote:
Code signing. Occasionally useful.
I meant to add:
It's usually more useful as a means for an platform vendor to enforce
its policies on legitimate developers than as something which delivers
increased security to actual systems.
- Marsh
On 06/24/2011 02:04 AM, Nico Williams wrote:
Every bank that uses Active Directory uses Kerberos, and the GSS-like
SSPI. And the Kerberos GSS mechanism (through SSPI, on Windows). The
native Windows TLS implementation is accessed via SSPI.
I've used/abused the Windows SSPI a few times for
On 06/25/2011 03:48 PM, Ian G wrote:
On 21/06/11 4:15 PM, Marsh Ray wrote:
This was about the CNNIC situation,
Ah, the I'm not in control of my own root list threat scenario.
See, the thing there is that CNNIC has a dirty reputation.
That's part of it. But there are some deeper issues
On 06/26/2011 01:13 PM, The Fungi wrote:
On Sun, Jun 26, 2011 at 12:26:40PM -0500, Marsh Ray wrote: [...]
Now maybe it's different for ISP core router admins, but the
existence of this product strongly implies that at least some
admins are connecting to their router with their web browser over
On 06/26/2011 05:58 PM, Ian G wrote:
On 26/06/11 5:50 AM, Ralph Holz wrote:
- you don't want to hurt the CAs too badly if you are a vendor
Vendors spend all day long talking internally and with other vendors.
Consequently, they tend to forget who holds the real money.
For most healthy
On 06/27/2011 06:30 PM, Sampo Syreeni wrote:
On 2011-06-20, Marsh Ray wrot
I once looked up the Unicode algorithm for some basic case
insensitive string comparison... 40 pages!
Isn't that precisely why e.g. Peter Gutmann once wrote against the
canonicalization (in the Unicode context
On 06/28/2011 10:36 AM, Ian G wrote:
On 28/06/11 11:25 AM, Nico Williams wrote:
The most immediate problem for many users w.r.t. non-ASCII in
passwords is not the likelihood of interop problems but the
heterogeneity of input methods and input method selection in login
screens, password input
On 06/28/2011 12:01 PM, Paul Hoffman wrote:
And this discussion of ASCII and internationalization has what to do
with cryptography, asks the person on the list is who is probably
most capable of arguing about it but won't? [1]
It's highly relevant to the implementation of cryptographic systems
On 06/28/2011 12:48 PM, Steven Bellovin wrote:
Wow, this sounds a lot like the way 64-bit DES was weakened to 56 bits.
It wasn't weakened -- parity bits were rather important circa 1974.
(One should always think about the technology of the time.
It's a very reasonable-sounding explanation,
On 06/28/2011 02:09 PM, Sampo Syreeni wrote:
But a case-insensitive password compare?!? For some reason I don't
think anybody would want to go there, and that almost everybody would
want the system to rather fail safe than to do anything but pass
around (type-tagged) bits. I mean, would anybody
On 06/29/2011 04:01 AM, Ian G wrote:
Or, talking about non-crypto security techniques like passwords is
punishment for mucking up the general deployment of better crypto
techniques.
Nice. :-)
- Marsh
___
cryptography mailing list
Well I guess that wasn't off list after all.
It's still nice tho. :-)
On 06/29/2011 09:40 AM, Marsh Ray wrote:
On 06/29/2011 04:01 AM, Ian G wrote:
Or, talking about non-crypto security techniques like passwords is
punishment for mucking up the general deployment of better crypto
On 06/29/2011 06:49 AM, Peter Gutmann wrote:
So far I've had exactly zero complaints about i18n or c18n-based password
issues.
[Pause]
Yup, just counted them again, definitely zero. Turns out that most of the
time when people are entering their passwords to, for example, unlock a
private
fOn 06/29/2011 05:41 PM, Jeffrey Walton wrote:
From my interop-ing experience with Windows, Linux, and Apple (plus
their mobile devices), I found the best choice for password
interoperability was UTF8, not UTF16.
I use UTF-8 whenever possible, too.
Just to be clear here, the native OS Win32
There's a new and improved botnet around that's got the tech press all
a-flutter.
http://www.securelist.com/en/analysis/204792180/TDL4_Top_Bot :
The ‘indestructible’ botnet Encrypted network connections
One of the key changes in TDL-4 compared to previous versions is an
updated algorithm
On 07/05/2011 08:07 PM, Taral wrote:
On Tue, Jul 5, 2011 at 3:53 AM, Adam Backa...@cypherspace.org wrote:
I dont think you can prove you have destroyed a bitcoin, neither your own
bitcoin, nor someone else's. To destroy it you would have to prove you
deleted the coin private key, and you
On 07/07/2011 04:10 PM, Nico Williams wrote:
In some (most?) public key cryptosystems it's possible to prove that a
valid public key has a corresponding private key (that is, there
exists a valid private key for which the given public key *is* the
public key). That's used for public key
On 07/12/2011 04:24 PM, Zooko O'Whielacronx wrote:
On Tue, Jul 12, 2011 at 11:10 AM, Hill, Bradbh...@paypal-inc.com
wrote:
I have found that when H3 meets deployment and use, the reality
too often becomes: Something's gotta give. We haven't yet found
a way to hide enough of the complexity of
On 07/13/2011 01:01 AM, Ian G wrote:
On 13/07/11 9:25 AM, Marsh Ray wrote:
But the entire purpose of securing a system is to deny access to
the protected resource.
And that's why it doesn't work; we end up denying access to the
protected resource.
Denying to the attacker - good.
Denying
I normally wouldn't post about any old software release, but with the
recent discussion of SSH and authentication these release notes from
PuTTY seem appropriate.
- Marsh
http://lists.tartarus.org/pipermail/putty-announce/2011/16.html
It's been more than four years since 0.60 was
On 07/13/2011 01:33 PM, Jeffrey Walton wrote:
I believe Mozilla is [in]directly supported by Google. Mozilla has
made so much money, they nearly lost their tax exempt status:
http://tech.slashdot.org/story/08/11/20/1327240/IRS-Looking-at-GoogleMozilla-Relationship.
Mozilla has a lot of cash
On 07/13/2011 09:37 PM, Ai Weiwei wrote:
Hello list,
Recently, Wired published material on their website which are claimed
to be logs of instant message conversations between Bradley Manning
and Adrian Lamo in that infamous case. [1] I have only casually
skimmed them, but did notice the
On 07/15/2011 11:21 PM, Ian Goldberg wrote:
Just to be clear: there are _no_ OTR-related mathematical points or
issues here. The logs were in plain text. OTR has nothing at all to do
with their deniability.
It's a good bet the entirety of the informant's PC was acquired for
computer
On 07/20/2011 08:24 AM, Ian G wrote:
Yes, sure, but:
1. we are talking about high frequency trading here, and speed is the
first, second and third rule. Each trade could be making 10k++ and up,
which buys you a lot of leaches.
Basically, you have to get the trade down to the cost of a packet,
On 09/02/2011 10:29 AM, Harald Hanche-Olsen wrote:
The -gate suffix is getting tiresome, actually. I tend to agree with this:
http://www.ajr.org/article.asp?id=5106
Ever since a certain third-rate burglary in Washington, D.C., many
years ago, journalists have insisted on sticking the
On 09/02/2011 12:55 PM, coderman wrote:
the next escalation will be sploiting private keys out of hardware
security modules presumed impervious to such attacks.
given the quality of HSM firmwares they're lucky cost is somewhat a
prohibiting factor for attackers.
authority in the wild, not
On 09/03/2011 06:13 PM, Jeffrey Walton wrote:
http://abcnews.go.com/Technology/wireStory?id=14441405
The Dutch government said Saturday it cannot guarantee the security
of its own websites, days after the private company it uses to
authenticate them admitted it was hacked. An official also said
Preliminary report on-line:
http://www.rijksoverheid.nl/documenten-en-publicaties/rapporten/2011/09/05/fox-it-operation-black-tulip.html
- Marsh
___
cryptography mailing list
cryptography@randombit.net
On 09/07/2011 10:00 AM, Peter Gutmann wrote:
Ian Gi...@iang.org writes:
Hence, the well-known race-to-the-bottom, which is a big factor in DigiNotar.
Actually I'm not sure that DigiNotar was the bottom, since they seem to have
been somewhat careful about the certs they issued. The bottom
On 09/07/2011 02:34 PM, Fredrik Henbjork wrote:
http://www.globalsign.com/company/press/090611-security-response.html
This whole mess just gets better and better...
What's interesting is how the attacker simply doesn't fit the expected
motivations that SSL cert-based PKI was ever sold as
On 09/11/2011 07:26 PM, Paul Hoffman wrote:
Some of us observe a third, more likely
approach: nothing significant happens due to this event. The
collapse of faith is only among the security folks whose faith was
never there in the first place. A week after the event, who was
talking about it
On 09/12/2011 01:45 PM, M.R. wrote:
The system is not expected to protect individual
liberty, life or limb, nor is it expected to protect high-value
monetary transactions, intellectual property assets, state secrets
or critical civic infrastructure operations.
It never was, and yet, it is
On 09/13/2011 01:31 PM, Seth David Schoen wrote:
An example from yesterday was
https://www.senate.gov/
which had a valid cert a while ago and then recently stopped. (Their
HTTPS support was reported to us as working on June 29; according to
Perspectives, the most recent change apparently
On 09/14/2011 09:34 PM, Arshad Noor wrote:
On 9/14/2011 2:52 PM, Seth David Schoen wrote:
Arshad Noor writes:
I'm not sure I understand why it would be helpful to know all (or any)
intermediate CA ahead of time. If you trust the self-signed Root CA,
then, by definition, you've decided to
On 09/15/2011 12:15 PM, Ian G wrote:
Trust in a CA might be more like 99%.
Now, if we have a 1% untrustworthy rating for a CA, what happens when
we have 100 CAs?
Well, untrust is additive (at least). We require to trust all the
CAs. So we have a 100% untrustworthy rating for any system of 100
Been seeing Twitter from @ralphholz, @KevinSMcArthur, and @eddy_nigg
about some goofy certs surfacing in S Korea with CA=true.
via Reddit http://www.reddit.com/tb/kj25j
http://english.hani.co.kr/arti/english_edition/e_national/496473.html
It's not entirely clear that a trusted CA cert is
On 09/17/2011 11:59 PM, Arshad Noor wrote:
The real problem, however, is not the number of signers or the length
of the cert-chain; its the quality of the certificate manufacturing
process.
No, you have it exactly backwards.
It really is the fact that there are hundreds of links in the chain
On 09/18/2011 05:32 AM, Jeffrey Walton wrote:
The one thing I cannot palette: [many] folks in Iran had a
preexisting relationship with Google. For an Iranian to read his/her
email via Gmail only required two parties - the person who wants to
do the reading and the Gmail service. Why was a third
On 09/18/2011 12:50 PM, Arshad Noor wrote:
On 09/17/2011 10:37 PM, Marsh Ray wrote:
It really is the fact that there are hundreds of links in the chain and
that the failure of any single weak link results in the failure of the
system as a whole.
I'm afraid we will remain in disagreement
On 09/18/2011 11:48 PM, Arshad Noor wrote:
On 09/18/2011 01:12 PM, Marsh Ray wrote:
But the failure of *any* single CA allows a successful attack on *every*
user connecting to *every* https website.
Would you care to explain this in more detail, Marsh?
Please feel free to frame your
On 09/19/2011 10:53 AM, Andy Steingruebl wrote:
You know what else fails at fighting phishing?
- The locks on my car door
Hmmm, what would a phishing attack on your car door locks look like?
Perhaps someone could replace your car one night with a very
similar-looking one, then when you're
On 09/20/2011 03:21 PM, Jeffrey Walton wrote:
Google's smart phone position
(http://code.google.com/p/cyanogenmod/issues/detail?id=4260): Why
would we remove the root certificate? DigiNotar hasn't been revoked
as a CA... MITM attacks are pretty rare. (Sep 1, 2011). On Sept 2,
2011 the issue
On 10/02/2011 03:38 AM, Peter Gutmann wrote:
Sandy Harrissandyinch...@gmail.com writes:
What on Earth were the arguments against it? I'd have thought PFS was a
complete no-brainer.
Two things, it's computationally very expensive, and most people have no idea
what PFS is.
There's been one
On 10/05/2011 07:57 AM, ianG wrote:
This thread originated in a state-led attack on google and 4 CAs
(minimum) with one bankruptcy, one state's government certificates being
replaced, measured cert uses (MITMs?) in the thousands.
Just for the record, the Fox-IT Interim Report September 5,
On 10/21/2011 08:09 AM, Kai Engert wrote:
This is an idea how we could improve today's world of PKI, OCSP,
CA's.
https://kuix.de/mecai/
This is great. We need these kinds of ideas.
Review, thoughts and reports of flaws welcome.
OK, this is a serious thought, not just a flippant remark:
On 11/02/2011 02:33 PM, Jack Lloyd wrote:
It seems like it would be harder (or at least not easier) to find a
collision or preimage for HMAC with an unknown key than a collision or
preimage for an unkeyed hash, so using HMAC(H(m)) allows for an avenue
of attack that HMAC(m) would not, namely
Came across this on Reddit:
Declassified NSA Tech Journals
http://www.nsa.gov/public_info/declass/tech_journals.shtml
It all looks so interesting it's hard to know where to start.
- Marsh
* Emergency Destruction of Documents - April 1956 - Vol. I, No. 1
* Development of Automatic Telegraph
Steven Bellovins...@cs.columbia.edu wrote:
Does anyone know of any (verifiable) examples of non-government
enemies exploiting flaws in cryptography? I'm looking for
real-world attacks on short key lengths, bad ciphers, faulty
protocols, etc., by parties other than governments and militaries.
On 11/27/2011 09:57 PM, Peter Gutmann wrote:
That's an example of *claims* of 512-bit keys being factored, with
the thinking being everyone knows 512-bit keys are weak, the certs
used 512-bit keys, therefore they must have got them by factoring.
Yeah. It seems like an important point.
On 11/28/2011 04:56 PM, Steven Bellovin wrote:
I'm writing something where part of the advice is don't buy snake
oil crypto, get the good stuff. By good I mean well-accepted
algorithms (not proprietary for extra security!), and protocols
that have received serious analysis. I also want to
On 11/28/2011 05:58 PM, Marsh Ray wrote:
I heard it stated somewhere that an Apple product was using PBKDF2
with a work factor of 1. Does that count?
Follow-up.
It was Blackberry, not Apple:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3741
Vulnerability Summary for CVE-2010
On 11/28/2011 06:52 PM, Steven Bellovin wrote:
On Nov 28, 2011, at 6:58 PM, Marsh Ray wrote:
On 11/28/2011 04:56 PM, Steven Bellovin wrote:
I'm writing something where part of the advice is don't buy snake
oil crypto, get the good stuff. By good I mean well-accepted
algorithms
On 11/27/2011 03:00 PM, Ben Laurie wrote:
Given the recent discussion on Sovereign Keys I thought people might
be interested in a related, but less ambitious, idea Adam Langley
and I have been kicking around:
http://www.links.org/files/CertificateAuthorityTransparencyandAuditability.pdf.
Some
On 11/30/2011 05:24 AM, Ben Laurie wrote:
On Wed, Nov 30, 2011 at 1:18 AM, Marsh Rayma...@extendedsubset.com
wrote:
Perhaps the relevant property is certs issued by a browser-trusted
CA or subordinate regardless of their visibility.
If they are not visible, why would we care whether they
On 12/01/2011 11:09 AM, Ben Laurie wrote:
On Thu, Dec 1, 2011 at 4:56 PM, Marsh Rayma...@extendedsubset.com
wrote:
On 12/01/2011 04:37 PM, Jerrie Union wrote:
public boolean check(digest, secret) {
hash = md5(secret);
if (digest.length != hash.length) {
return false;
}
for (i = 0; i digest.length; i++) {
if (digest[i] != hash[i]) {
return
On 12/01/2011 10:15 PM, Solar Designer wrote:
On Thu, Dec 01, 2011 at 09:15:05PM -0600, Marsh Ray wrote:
When you can evaluate MD5 at 5.6 GH/s, accessing even a straight lookup
table in main memory is probably a slowdown.
Yes, but those very high speeds are throughput for large numbers
On 12/02/2011 01:21 AM, Marsh Ray wrote:
Out of a set of 4096 (salt values) random functions each mapping
{ 1...256 } - { 0 ... 255 }
samples H[0] values
how many would we expect to have all samples map to the same value,
i.e., have a codomain size of 1 ?
s/codomain/image/
- Marsh
Anyone have any more info on this?
Even just a CVE or 'fixed in' version would be helpful.
http://www.isoc.org/isoc/conferences/ndss/12/program.shtml#1a
Plaintext-Recovery Attacks Against Datagram TLS
Kenneth Paterson and Nadhem Alfardan We describe an efficient and
full plaintext recovery
[Really this is to the list, not so much Jon specifically]
On 12/07/2011 02:10 PM, Jon Callas wrote:
Let's figure out what we're trying to accomplish; after that, we
can try to figure out how to do it.
I think that's the central problem we're dealing with. There is scads
of mechanism and
On 12/07/2011 07:01 PM, lodewijk andré de la porte wrote:
I figured it'd be effective to create a security awareness group
figuring the most prominent (and only effective) way to show people
security is a priority is by placing a simple marking, something like
this site isn't safe!
I thought
On 12/07/2011 08:12 PM, lodewijk andré de la porte wrote:
I'm afraid far more effective just doesn't cut it. Android has
install .APK from third party sources which you'll engage whenever you
install an APK without using the market, trusted or not.
That's why I didn't use Android as an
On 12/08/2011 09:16 AM, Darren J Moffat wrote:
On 12/07/11 14:42, William Whyte wrote:
Well, I think the theoretically correct answer is that you *should*...
these days all the installers can be available online, after all.
Except when the installer CD you need is the one for the network
On 12/08/2011 01:09 PM, jd.cypherpunks wrote:
David Ulevitch is rolling out OpenDNS http://david.ulevitch.com/
What do you think?
I assume you're talking about their new DNSCrypt application.
They seem to be saying it's an implementation of DJB's DNSCurve protocol.
On 12/21/2011 04:24 PM, Michael Nelson wrote:
Somewhat related: The IEEE is asking for proposals to develop and
operate a CA as a part of their Taggant System. This involves
signing to validate the usage of packers (compressing executables).
Packers can make it hard for anti-virus programs to
On 01/05/2012 03:46 PM, Thor Lancelot Simon wrote:
I am asking whether the
use of HMAC with two different, well known keys, one for each purpose,
is better or worse than using the folded output of a single SHA
invocation for one purpose and the unfolded output of that same
invocation for the
On 01/05/2012 05:59 PM, Thor Lancelot Simon wrote:
FWIW, using HMAC like this is the extract step of the two-step
extract-expand HMAC based construction that is HKDF
From http://tools.ietf.org/html/draft-krawczyk-hkdf-01
2.2. Step 1: Extract
PRK = HKDF-Extract(salt, IKM)
Options:
Original Message
Subject: [TLS] Fwd: New Non-WG Mailing List: therightkey
Date: Fri, 13 Jan 2012 18:26:18 +
From: Stephen Farrell stephen.farr...@cs.tcd.ie
To: s...@ietf.org s...@ietf.org, pkix p...@ietf.org, t...@ietf.org
t...@ietf.org, dane d...@ietf.org
FYI please
On 02/06/2012 09:00 PM, Jonathan Katz wrote:
One question, though. Langley writes: If the attacker is close to
the server then online revocation checks can be effective, but an
attacker close to the server can get certificates issued from many
CAs and deploy different certificates as needed.
On 02/07/2012 05:41 PM, Andy Steingruebl wrote:
I don't remember Adam saying in his blog post or in any other posts,
etc. that this is the only change they will make to Chrome.
Surely.
At the
same time I think they did get fairly tired or hard-coding a CRL list
into the Chrome binary
On 02/12/2012 10:24 AM, John Levine wrote:
They also claim in their defense that other CAs are doing this.
Evading computer security systems and tampering with communications is
a violation of federal law in the US.
As the article made quite clear, this particular cert was used to
monitor
On 02/14/2012 02:56 PM, Ralph Holz wrote:
BTW, what we do not address is an attacker sending us many forged chains
and/or traces. We don't want clients have to register with our server
and obtain an identity. That's a sore point.
Aren't the certs of interest those that chain to a well-known
1 - 100 of 151 matches
Mail list logo
