On Fri, Apr 21, 2000 at 10:50:56AM -0700, Lee Daniel Crocker wrote: > > Well, there is a need for a system(s) that handles > > 1) Guessable keys > > 1a) Spam > > 1b) Valid clashes > > 2) Updating > > Maybe, maybe not. I'm not yet conviced that "guessability" needs > to be built into any function of the server--I think clients can do > that.
Speaking for Ian here - but one of his original aims for Freenet was guessable keys. I think that if I can be bothered to dig thru my mail archives I can get a quote from him saying it is (was?) his main aim. The server doesn't need to do it - but somehow I think that guessable keys should be in Freenet. > MD5 isn't very secure either. <Cough> It will do us! MD4 has never been broken but people moved to MD5 because it seemed a little too close to the edge. > SHA is, I think, the current gold standard SHA1 is *very* much the same as MD5 - the only thing that it gives us is a bigger key-space. Which thinking about it might well be reason enough to use it. As a side note the first version of SHA was 'corrected' by the NSA. > for such things. Hal, you're the cypherguru here (and the only one with > a PGP key older than mine:) Hey! I did RSA keys myself before PGP! The code was slow and crap but it was a good show-off at school ;) I would currently suggest DSA for public-key crypto because of patent issues. It's slow than RSA. The RSA patent expires (in the US) on 20th Sep 2000. I don't know about other countries. Then there are the eliptic-curve cryptosystems but I think that they are too new to trust (but they are doing well). AGL -- Smoking is one of the leading causes of statistics. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 240 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000421/db08b877/attachment.pgp>
