Re: [Cryptography] Why is emailing me my password?
I think that's absurd to say that it gives a false sense of security. It only gives a sense of security if you didn't read the text when you entered the password in the first place. It keeps people from doing mass unsubscribes trivially. If someone was targeting you, yes, they would be able to delete your subscription, but that would likely be true with little effort to begin with if you are of the type that doesn't read that your password is stored insecurely and sent in plain text when you enter it. On 01/10/2013 2:17 PM, Markus Wanner wrote: > On 10/01/2013 06:56 PM, Benjamin Kreuter wrote: >> 2. The password is sent just in case you forgot it and want to >>unsubscribe. Without the password, any troll might unsubscribe you >>from the list by simply forging headers. Were this to be encrypted, >>you would wind up with the classic problem of lost private keys, >>leaving people who forgot their password unable to unsubscribe (at >>least in any automated fashion). > > Agreed, that's a good point against PKI in this case. However, why use a > password at all? I'd also argue it gives a false sense of security. > > For that very reason I prefer mailing list software that works via email > (rather than web interface) and authenticates by the ability to receive > mails under the given email. Forging headers doesn't quite suffice > there, either. > > Regards > > Markus Wanner > ___ > The cryptography mailing list > cryptography@metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography > -- Kelly John Rose Mississauga, ON Phone: +1 647 638-4104 Twitter: @kjrose Document contents are confidential between original recipients and sender. ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Re: [Cryptography] Gilmore response to NSA mathematician's "make rules for NSA" appeal
On 23/09/2013 3:45 PM, John Kelsey wrote: > It needs to be in their business interest to convince you that they *can't* > betray you in most ways. This is the most important element, and legislation that states you "cannot" share that information won't be enough, especially since the NSLs have guaranteed that it can be circumvented without any real effort. If Google, or other similar businesses want to convince people to store data in the cloud, they need to set up methods where the data is encrypted or secured before it is even provided to them using keys which are not related or signed by a central authority key. This way, even if Google's entire system was proven to be insecure and riddled with leaks, the data would still be secure. You cannot share data that you can never have access to. Albeit, from a political perspective this could be Kryptonite since less savory types will be inclined to use your services if you can show effectively that the data stored on your services is inaccessible even under warrant. It will be hard to handle the public relations the first time anyone of the standard list of "think of the children!" group of criminals starts to use your services. -- Kelly John Rose Mississauga, ON Phone: +1 647 638-4104 Twitter: @kjrose Document contents are confidential between original recipients and sender. ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Re: [Cryptography] RSA equivalent key length/strength
On 22/09/2013 2:00 PM, Stephen Farrell wrote: > > On 09/22/2013 01:07 AM, Patrick Pelletier wrote: >> "1024 bits is enough for anyone" > That's a mischaracterisation I think. Some folks (incl. me) > have said that 1024 DHE is arguably better that no PFS I would argue that 1024 DHE is worse than no PFS, for the same reason that using DES is a bad move. It is likely to be inherently insecure and provides a higher sense of security than is valid for the situation. By insisting that 1024 to be ok, you are, in theory, permitting people to feel comfortable with an insecure system. I have always approached that no encryption is better than bad encryption, otherwise the end user will feel more secure than they should and is more likely to share information or data they should not be on that line. By insisting on 2048 (or higher), you force the issue and ensure that the overall network is more secure. -- Kelly John Rose Mississauga, ON Phone: +1 647 638-4104 Twitter: @kjrose Document contents are confidential between original recipients and sender. ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography