-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/27/2010 8:56 AM, Sergei Steshenko wrote:
> I suggest to read http://en.wikipedia.org/wiki/ZRTP and pay special > attention to: > " > To ensure that the attacker is indeed not present in the first session (when > no shared secrets exist), the Short Authentication String method is used: the > communicating parties verbally cross-check a shared value displayed at both > endpoints. If the values don't match, a man-in-the-middle attack is > indicated. (In late 2006, NSA developed an experimental voice analysis and > synthesis system to defeat this protection.[2]) Sergei, Thanks for pointing this out! I had not seen this as I'd not checked out the Wikipedia entry for the protocol. Anthony -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iQIcBAEBAgAGBQJNGQKUAAoJEIeUq9QAeLbkQOkP/j2Od3McLIiFw087voAABI9O jrLN/uirD9pciS5UCwPxuS+xw/jMLXDmh3qb1GhmtMmDA6W+e8U0Umi7jHwmXrLj 4jNu8vacB1dWTCMA6920X9YID5ATShqO6STiFtElNBa5k9+5muRimXod+XS2Y/a5 pCMcfjzo+2bP4OHChbO/DGR+wcPpnneodG/GpL4gf6FrJ3y3f7xNootEsY7Ypp2w rRI7qWThGQz0HSAOJ64tm4lcjL6Osm4tsMCsNEHvNrBxGdbE3CP0A+Vyej7FK2sY KofZHOzNjne3/J7fk5bmpj5B7f8MfVMyMrAUWINeucspO2RPN7GTx8AkqKlXPgFe anW624Z/3/YpYEjC95Jt6IqopkJNttd2mOS55eIe/XC2miZ5s4R041KrW6KJTHqY 0z9L19sBoTPUZsWOdO2ytVcEJMiUuLMGTDui3+BwU8wrrkpUpUFB0PrHn+hNmykI 5qKDWHqIwwSRT52UtSWTl//yrbb/7mlM/Yrfeljb0ADBeWTg5tC8R2K8bw3CAEs+ 27VxEQshb4XZU81uIrgmvM8T8h1/qJL+WYO9mAxvE3SXDx56wQ0wRmyPxLUAMyQE iQLpYBMUQX64gSWgbF2z9YkMQtxL5Az+BAWLvM2BR2WT/Wvg5q18EMuj84xaAvgG KprCgB/rteivIIdVnJg4 =+OLF -----END PGP SIGNATURE----- _______________________________________________ ekiga-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/ekiga-list
