were very active participants in both the Cypherpunks mailing list and
Cypherpunks meetings.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
AARG!, having burned the nym with the moderator of this list and who is
therefore now posting via the Hermes remailer commented on Microsoft,
which similarly burned the Palladium name, claims:
Hopefully this will shed light on the frequent claims that
Palladium will limit what programs people
time recount the tale of my discussing key management
with the chief-cryptographer for a battlefield communication system
considerably younger than the shuttle fleet. Appalling does not being to
describe it].
--Lucky Green
Rich Salz wrote:
Liberty is architected to be federated, unlike Passport.
The Liberty Alliance was stillborn to begin with. Not that it made any
practical difference, but the Liberty Alliance received an additional
bullet through the head the day that RSA Security, a key participant in
the
Nicko wrote:
I think this comes down to a classic time/money tradeoff. PGP 8.0
Personal edition is currently priced at $39. Even as an
experienced
Unix and PGP user I think that the GUI on PGP 8.0 will save
me an hour
of effort over the lifetime of the product, which means it
as to the legality of performing this research in the U.S.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
compiler version so-and-so and compile with that, and your
object will match the hash my app looks for. DEI
The above view may be overly optimistic. IIRC, nobody outside PGP was
ever able to compile a PGP binary from source that matched the hash of
the binaries built by PGP.
--Lucky Green
- an application for
an US Patent covering numerous methods by which software applications
can be protected against software piracy on a platform offering the
features that are slated to be provided by Palladium.
--Lucky Green
Enzo wrote quoting Lucky:
The cert shows as being issued by Equifax because Geotrust
purchased
Equifax's root embedded in major browsers since MSIE 5 on the
secondary market. (Geotrust purchased more than just the root).
This raises an interesting legal issue. Should any loss from
).
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
James wrote:
On 11 Jul 2002 at 1:22, Lucky Green wrote:
Trusted roots have long been bought and sold on the
secondary market
as any other commodity. For surprisingly low amounts, you
too can own
a trusted root that comes pre-installed in 95% of all web browsers
deployed.
How
Bill wrote:
At 10:07 PM 06/26/2002 -0700, Lucky Green wrote:
An EMBASSY-like CPU security co-processor would have seriously blown
the part cost design constraint on the TPM by an order of
magnitude or
two.
Compared to the cost of rewriting Windows to have a
infrastructure that can
encryption keys to the new TPM. I
am not aware of any such plans for non-user generated data, such as
purchased entertainment content, but then requiring the user to
repurchase such data when changing motherboards is not incompatible with
the content providers' business models.
--Lucky Green
, or the public key of the person who licensed the application.
(Other ways to exist but are omitted in the interest of brevity).
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL
Bob wrote quoting Mark Hachman:
The whitepaper can not be considered a roadmap to the design
of a Palladium-enabled PC, although it is one practical
solution. The whitepaper was written at around the time the
Trusted Computing Platform Association
(TCPA) was formed in the fall of 2000;
much the intent of the TCPA to permit the use of pseudonymous
credentials for many, if not most, applications. Otherwise, the TCPA's
carefully planned attempts at winning over the online liberty groups
would have been doomed from the start.
--Lucky Green
this mean that one should ignore the
benefits that TCPA might bring? Of course not. But it does mean that one
should carefully weigh the benefits against the risks.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending
folks in the field. Sure, I know some that could overcome
it, but they may not be willing to do the time for what by then will be
a crime. Come to think of it, doing so already is a crime.
--Lucky Green
-
The Cryptography Mailing
Anonymous writes:
Lucky Green writes regarding Ross Anderson's paper at:
Ross and Lucky should justify their claims to the community
in general and to the members of the TCPA in particular. If
you're going to make accusations, you are obliged to offer
evidence. Is the TCPA really
John wrote quoting Lucky:
Locate the button in your MUA that's labeled Use secure
connection
or something to that effect, search the docs for your MTA for the
words STARTTLS, relaying, and potentially SASL, don't
use your
ISP's smtp server, encourage those that you are
scenarios is the fact the case.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
ji wrote:
Under this proposed law, will ISPs have to scan *all* SMTP
traffic and record the envelope, or only the traffic for
which they actually do
SMTP forwarding? If the latter is the case, we can simply go
back to the original end-to-end SMTP delivery model; no
POP/IMAP or any of
Bill wrote:
I have been thinking about how to limit denial of service
attacks on a server which will have to verify signatures on
certain transactions. It seems that an attacker can just
send random (or even not so random) data for the signature
and force the server to perform extensive
Enzo wrote:
Further to Lucky's comments: in the last few days I have
discussed keysize issues with a few people on a couple of
mailing lists, and I have encountered a hostility to large
keysizes of which, frankly, I don't understand the reasons.
On the client side at least, performance
Anonymous wrote (quoting Adam):
Adam Back wrote:
The mocking tone of recent posts about Lucky's call seems quite
misplaced given the checkered bias and questionable
authority of the
above conflicting claims we've seen quoted.
No, Lucky made a few big mistakes. First, he invoked Ian
Enzo wrote:
Hmmm... I see that the new 4096-bit super-duper key, besides
its own (which doesn't prove much), only bears the signatures
of the now revoked -as potentially compromised- old keys
0x375AD924 and 0xEEE8CFF3, plus 0x06757D2D (which turns out
to be a 1024-bit DSA key) and
reluctantly revoked all my personal 1024-bit
PGP keys and the large web-of-trust that these keys have acquired over
time. The keys should be considered compromised. The revoked keys and my
new keys are attached below.
--Lucky Green
-BEGIN PGP PUBLIC KEY BLOCK-
Version: PGP 7.1
Comment: Problems
Philip,
If we can at all fit it into the schedule, IFCA will attempt to offer a
colloquium on this topic at FC. Based on the countless calls inquiring about
this issue that I received just in the last few days, the customers of
financial cryptography are quite concerned about the Bernstein paper,
-of-the-box by the
overwhelming majority of deployed MUA's in the world.
-- Lucky Green [EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
PROTECTED]
Subject: RE: FreeSWAN Release 1.93 ships!
On Sunday 09 December 2001 07:32 pm, Lucky Green
[EMAIL PROTECTED] wrote:
The big question is: will FreeS/WAN latest release after some 4 or 5
years of development finally both compile and install cleanly on
current versions of Red Hat
30 matches
Mail list logo