On Fri, Mar 23, 2007 at 04:00:23PM +0100, Florent Daignière (NextGen$) wrote: > * Matthew Toseland <[EMAIL PROTECTED]> [2007-03-23 14:52:19]: > > > Well, a more obvious flaw which exists and is exploitable right now, and > > is something of a "newbie crypto mistake" is the fact that we are still > > using ephemeral diffie-hellman (with an outer encryption layer so you > > need to know both refs). We really should fix that... Nextgens has > > decided not to, should I? > > I haven't decided not to: I was planning to do it last WE but I was too > sick to do anything usefull. > > Btw, I still don't get why we should make it a priority *now* ; it has been > like that since the beginning! Are we the day before a non-advertised > release ?
No, it's been bugging me for some time, as you know. It's a dumb crypto mistake that has no business on the production version of Freenet - alpha or not.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
