Hi,
We're facing a last minute change in our scheduled downtime. The current
window is from Fri., Aug. 16 through Sun., Aug. 25. This is from tomorrow
(Fri.) through Sunday of next weekend.
I apologize for the short notice on the change and any inconvenience this
might cause. We do not expect
- Original Message -
From: Ben Laurie [EMAIL PROTECTED]
The important part for this, is that TCPA has no key until it has an
owner,
and the owner can wipe the TCPA at any time. From what I can tell this
was
designed for resale of components, but is perfectly suitable as a point
of
It seems like a lot of interesting projects haven't been active for a
while - notably Free Haven and Eternity Usenet. Where is the most active
work, these days, on distributed publishing systems?
**
The Center for Civic
Joseph Ashwood wrote:
- Original Message -
From: Ben Laurie [EMAIL PROTECTED]
Joseph Ashwood wrote:
There is nothing stopping a virtualized version being created.
What prevents this from being useful is the lack of an appropriate
certificate for the private key in the TPM.
- Original Message -
From: Ben Laurie [EMAIL PROTECTED]
Joseph Ashwood wrote:
There is nothing stopping a virtualized version being created.
What prevents this from being useful is the lack of an appropriate
certificate for the private key in the TPM.
Actually that does nothing to
a)Tell declan and other media whores and shills to stay,Its just a drill.
b) Shred all tobacco documents
c) Ditto all wind farming cruft,global warming malarky.
d) All donation information must be burned.(and I don't mean on to a
dvd,goddamit.)
e) Don't run or drive fast,act nonchalant,but get
It's more than 'distributed publishing', it's distributed everything. Have
your grid and eat it too!
Use Plan 9:
http://plan9.bell-labs.com
The Hangar 18 Co-Op:
http:[EMAIL PROTECTED]
On Wed, 14 Aug 2002, Miles Fidelman wrote:
It seems like a lot of interesting projects haven't been
On Tuesday, August 13, 2002, at 03:07 PM, Gary Jeffers wrote:
A faster way to factor prime numbers found?
Faster even than the usual algorithm?:
The factors of a prime number are 1 and the number itself.
--Tim May
That the said Constitution shall never be construed to authorize
Congress
Anonymous User wrote:
This program can be used by anonymous contributors to release partial
information about their identity - they can show that they are someone
from a list of PGP key holders, without revealing which member of the
list they are. Maybe it can help in the recent controvery
From: Sunder [EMAIL PROTECTED]
None of those things work. Most spammers don't give a shit if you don't
receive email. I can attest to this by the slew of spam going to
hostmaster, webmaster, and the like on many networks. What they're really
selling is ten million addresses and spam
It seems that there is (a rather brilliant) way to bypass TCPA (as spec-ed.) I learned
about it from two separate sources, looks like two independent slightly different
hacks based on the same protocol flaw.
Undoubtedly, more people will figure this out.
It seems wise to suppress the urge and
On Wed, 2002-08-14 at 10:58, Miles Fidelman wrote:
It seems like a lot of interesting projects haven't been active for a
while - notably Free Haven and Eternity Usenet. Where is the most active
work, these days, on distributed publishing systems?
Try Mnet (http://mnet.sf.net/). It's the
Phew... the document is certainly tortuous, and has a large number of
similarly and confusingly named credentials, certificates and keys,
however from what I can tell this is what is going on:
Summary: I think the endorsement key and it's hardware manufacturers
certificate is generated at
[Repost]
Joe Ashwood writes:
Actually that does nothing to stop it. Because of the construction of TCPA,
the private keys are registered _after_ the owner receives the computer,
this is the window of opportunity against that as well.
Actually, this is not true for the endoresement key,
[resend via different node: [EMAIL PROTECTED] seems to be dead --
primary MX refusing connections]
Phew... the document is certainly tortuous, and has a large number of
similarly and confusingly named credentials, certificates and keys,
however from what I can tell this is what is going on:
Joe Ashwood writes:
Actually that does nothing to stop it. Because of the construction of TCPA,
the private keys are registered _after_ the owner receives the computer,
this is the window of opportunity against that as well.
Actually, this is not true for the endoresement key, PUBEK/PRIVEK,
On Thu, 15 Aug 2002, Adam Back wrote:
Summary: I think the endorsement key and it's hardware manufacturers
certificate is generated at manufacture and is not allowed to be
changed. Changing ownership only means (typically) deleting old
identities and creating new ones.
Are there 2
Adam Back writes:
So there are practical limits stemming from realities to do with code
complexity being inversely proportional to auditability and security,
but the extra ring -1, remote attestation, sealing and integrity
metrics really do offer some security advantages over the current
On Wed, Aug 14, at 10:58AM, Miles Fidelman wrote:
| It seems like a lot of interesting projects haven't been active for a
| while - notably Free Haven and Eternity Usenet. Where is the most active
| work, these days, on distributed publishing systems?
I forwarded this to Roger
Basically I agree with Adam's analysis. At this point I think he
understands the spec equally as well as I do. He has a good point
about the Privacy CA key being another security weakness that could
break the whole system. It would be good to consider how exactly that
problem could be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
My sister-in-law had a brilliantly simple answer to the problem of
hijacking which was, close, but, um, no spliff, :-), to Vin
Suprynowicz's notorious Ganja and Guns Airline column of a few
years back.
She said, on September 12 or so last year, Why
I think a number of the apparent conflicts go away if you carefully
track endorsement key pair vs endorsement certificate (signature on
endorsement key by hw manufacturer). For example where it is said
that the endorsement _certificate_ could be inserted after ownership
has been established (not
On the employment situation... it seems that a lot of applied
cryptographers are currently unemployed (Tim Dierks, Joseph, a few
ex-colleagues, and friends who asked if I had any leads, the spate of
recent security consultant .sigs, plus I heard that a straw poll of
attenders at the codecon
--
On 15 Aug 2002 at 15:26, AARG! Anonymous wrote:
Basically I agree with Adam's analysis. At this point I
think he understands the spec equally as well as I do. He
has a good point about the Privacy CA key being another
security weakness that could break the whole system. It
On Thu, 15 Aug 2002, Anonymous wrote:
[Repost]
Joe Ashwood writes:
Actually that does nothing to stop it. Because of the construction of TCPA,
the private keys are registered _after_ the owner receives the computer,
this is the window of opportunity against that as well.
Actually,
25 matches
Mail list logo