Re: [cryptography] Paris Attacks Blamed on Strong Cryptography and Edward Snowden
On Thu, 2015-11-19 at 06:21 +, mtm wrote:
> how did hominids manage prior to crypto?

The same way we managed before writing -- ciphers of various kinds have been in use for all of recorded history.

-- Ben

cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Can we move to a forum, please?
On Tue, 24 Dec 2013 16:44:24 -0500 Greg g...@kinostudios.com wrote:
> Thoughts?

Can we please *not* do this? Web forums are horribly annoying places where we must deal with some other person's conception of what a good client should look like. Frankly, after everything that has happened this year, we should be seeking a more distributed solution, not an even more centralized one than mailing lists.

-- Ben

-- Benjamin R Kreuter KK4FJZ
-- If large numbers of people are interested in freedom of speech, there will be freedom of speech, even if the law forbids it; if public opinion is sluggish, inconvenient minorities will be persecuted, even if laws exist to protect them. - George Orwell
Re: [cryptography] open letter to Phil Zimmermann and Jon Callas of Silent Circle, re: Silent Mail shutdown
On Sat, 17 Aug 2013 12:30:40 +0300 ianG i...@iang.org wrote:
> This was always known as the weakness of the model. The operator could simply replace the applet that was downloaded in every instance with one that had other more nefarious capabilities. There were thoughts and discussions about how to avoid that, but a simple, mass market solution was never found to my knowledge [0] which rendered the discussions moot. I don't think the company ever sought to hide that vulnerability. Also, that vulnerability was rather esoteric as it required quite serious levels of cooperation. So the bar was still high.

I am not sure I see how serious levels of cooperation would be required. Adding a backdoor to the Java applet that forwards a passphrase or secret key to Hushmail does not sound terribly hard to do (it sounds like less than 10 lines of code). It sounds like something that would almost certainly be done if the company ever decided to build a lawful interception system.

-- Ben

-- Benjamin R Kreuter UVA Computer Science brk...@virginia.edu KK4FJZ
Re: [cryptography] skype backdoor confirmation
On Tue, 21 May 2013 14:17:02 +1000 James A. Donald jam...@echeque.com wrote:
> Police install malware by black bagging, and by the same methods as botnets. Both methods are noticeable.

I do not think the following scenario is terribly far-fetched: Suppose the police want to target a grad student in a CS department at a major university. The police enter the server room, insert some malware into the student's research group's git repository, and wait for the student to merge the changes. The next time the student runs whatever code she is working on, the malware will be installed; the malware then installs a keystroke logger, enables the microphone, etc. The malware can be even more secretive, only activating on a specific computer (the target's) or perhaps the police could modify the software on the server to only send the malware to the target.

Now, let's change this somewhat. Instead of sneaking into a server room (or presenting the school with a court order), the police compromise another grad student's computer, and simply commit their malware to the group's repository (do you think researchers actually read commit logs, when they have a deadline in a few days?).

Now suppose instead of the police, it is a foreign government trying to get secret research data. Maybe instead of targeting one research group, they just target, say, anyone who keeps Matlab source code in a git repository.

Now suppose that instead of researchers, it is a political activist group, and instead of a git repository, it is a shared PDF (let's just assume that Acrobat has an exploitable vulnerability). Maybe the malware will spread by inserting itself into *every* PDF that the user sends out.

Police and other state-sponsored malware typically target specific people or groups of people, and usually for surveillance and espionage purposes. That is very different from your typical spammer or criminal botnet.

-- Ben
Re: [cryptography] [info] The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)
On Sat, 24 Mar 2012 02:29:30 -0500 Marsh Ray ma...@extendedsubset.com wrote:
> If you're looking for someplace to feel subversive around, this isn't it. Crypto is a mainstream engineering discipline these days, and one greatly needed by modern civilization.

Unfortunately, there is still a great deal of resistance to the notion that cryptography is something that people should have, at least cryptography without backdoors. When last I checked, the Department of Justice was still pushing communication service providers to include some sort of back door, so that law enforcement agencies can decrypt the encrypted communications of suspects in criminal cases. They basically think that the Hushmail model is the right one:

http://judiciary.house.gov/hearings/hear_02172011.html

(Apologies for the length; the summary is this: the FBI is worried about criminals or terrorists using encryption to hide their communications from law enforcement and national security agencies, as well as the lack of CALEA-style systems on the Internet. They are asking for a law that requires communications service providers to provide plaintexts if it is possible to do so e.g. Hushmail-style decryption. The FBI insists that they are not talking about key escrow or key recovery, and they avoid using the term back door to describe what they want.)

Even worse, here at UVA we had a graduate student who was denied entry because he traveled to a cryptography conference (he is here on a student visa, and is a Chinese citizen). The State Department would not allow him to come back to school unless he switched fields and stopped doing computer security work. He is working on wireless sensor networks now -- clearly a field that could not possibly have any national security implications.

The law has definitely improved over what cryptographers faced in the 90s, but the attitudes have not. The US government still wants a system where encrypted communications can be arbitrarily decrypted, they just dress up the argument and avoid using dirty words like key escrow.

-- Ben
Re: [cryptography] (off-topic) Bitcoin is a repeated lesson in cryptography applications - was endgame
On Sun, 26 Feb 2012 08:48:05 -0500 d...@geer.org wrote:
> Well put, James. Warren Buffett's arguments are, to my eye, aligned with yours. He argues that gold has no intrinsic value, unlike farmland or a company like Coca Cola. In that way, his evaluation is as instrumentalist as is yours, to the extent that I understand the both of you. His discussion of gold, per se, is getting some press. See 2011 shareholder letter www.berkshirehathaway.com/letters/2011ltr.pdf
>
> What I would add to your analysis of fiat currency is to agree that nails, moonshine liquor, and antibiotics are replacements for fiat currency, but I must also note that the modern economy is all but totally dependent on large enterprises which, because of their largeness alone, simply cannot engage in barter.

It is not just about big business, it is also about maintaining a functioning government. There is too much specialization in society for courts to assign damages in terms of nails, whiskey, cattle, rice, or whatever else. How does the government assess a fine in terms of barter?

Money and government go hand in hand. Governments need money in order to manage taxes, fees, fines, and so forth; yet money becomes valuable because of the legal structure that surrounds it, which is as true for gold as it is for fiat currency. Even if you could become completely self sufficient, to the point of not having to trade with anyone, you would still need to pay taxes and fees (property taxes, hunting license fees, etc.), and you will need to make those payments in a manner that is accepted by the government (i.e. the money issued by the government). Barter systems, de facto currencies and so forth only work on small scales.

-- Ben
Re: [cryptography] (off-topic) Bitcoin is a repeated lesson in cryptography applications - was endgame
On Sun, 26 Feb 2012 17:57:14 +1000 James A. Donald jam...@echeque.com wrote:
> On 2012-02-26 1:18 AM, Benjamin Kreuter wrote:
>> The demand for Bitcoin as a currency is driven by its properties as a digital cash system; people still need to get their nation's currency at some point
>
> Frau Eisenmenger writes in her 1919 diary:

I am not denying that when governments mismanage currencies, crises and failures ensue. This is true of all things governments manage: when mistakes are made, large numbers of people wind up suffering. However, the failure of some countries' currencies does not mean that people are going to switch from their nation's currency to Bitcoin. If the US Dollar were to fail, Bitcoin would be the last thing on anyone's mind; we would probably wind up switching to some other government's currency while we sorted out the mess (Yuan perhaps), or we would just spend our time killing each other and not worrying too much about money.

Perhaps you just need a short list of reasons why Bitcoin is not going to replace government issued currencies:

1. No offline transactions, which makes Bitcoin useless for a large class of transactions.
2. Fixed upper bound on the number of currency units, which creates deflationary trends as economies and populations grow.
3. No governments allow tax payments made using Bitcoin, and there is no incentive for them to do so. Even if everyone used Bitcoin for day-to-day trades, they would still have to pay property taxes or face arrests, property seizures, etc.

When the government becomes too ineffective to enforce its own laws, then Bitcoin might have a chance, but only as a way to manage trade in some foreign nations' currencies (who will still want to trade with people in the region where the government failed), and that is assuming that online transactions can even happen in such a situation.

Now, I will grant you this: there is a very, very, very remote possibility that every fiat currency in the entire world will fail simultaneously, and that instead of shooting each other people will continue to engage in trade (and that the Internet survives the mess). Even in that case, there will need to be some currency for offline transactions, and so even then Bitcoin will be relegated to second place.

-- Ben
Re: [cryptography] (off-topic) Bitcoin is a repeated lesson in cryptography applications - was endgame
On Sun, 26 Feb 2012 11:00:15 -0500 Bill St. Clair billstcl...@gmail.com wrote:
> On Sun, Feb 26, 2012 at 10:08 AM, Benjamin Kreuter brk...@virginia.edu wrote:
>> On Sun, 26 Feb 2012 08:48:05 -0500 d...@geer.org wrote:
>>
>> Money and government go hand in hand. Governments need money in order to manage taxes, fees, fines, and so forth; yet money becomes valuable because of the legal structure that surrounds it, which is as true for gold as it is for fiat currency. Even if you could become completely self sufficient, to the point of not having to trade with anyone, you would still need to pay taxes and fees (property taxes, hunting license fees, etc.), and you will need to make those payments in a manner that is accepted by the government (i.e. the money issued by the government). Barter systems, de facto currencies and so forth only work on small scales.
>
> You've just made a very good argument for eliminating money, at least government issued money. Yes, governments just love to assess taxes, fees, and fines. No, I have no need of any of that.

I do not follow your argument -- how does eliminating government issued money stop governments from collecting taxes and fees? Governments whose currencies fail sometimes switch to the currencies issued by other governments; there are quite a few nations that use US Dollars instead of issuing their own money.

You may not like the idea of fines or fees, but how would you propose courts manage disputes between people? Suppose I fail to maintain my house, and a piece of it falls off and damages your house -- should you have to pay for my negligence? If I raise cattle and you write software, what should I give you -- a cow perhaps? Perhaps I should pay for a repairman to come and fix things -- but what if you do not like the person I choose? We have judges and courts to help us resolve these sorts of disputes, and money is a great way to ease these sorts of disputes.

You may disagree with the taxes you pay, the fines that are issued, and so forth -- but would you really want to have a tax collector come and rate the quality of your work, and then take the products of that work as a form of tax payment? Do you want to see people imprisoned, enslaved, tortured, etc. instead of paying fines? I also disagree with the laws in this country, but the solution is not to do away with money or switch to Bitcoin.

-- Ben
Re: [cryptography] US Appeals Court upholds right not to decrypt a drive
On Sat, 25 Feb 2012 05:30:57 +1000 James A. Donald jam...@echeque.com wrote:
> So: Don't talk to police about the contents of your drive, or indeed anything of which they might potentially disapprove.

I believe that you meant to say, "Don't talk to the police at all," which should be standard policy for anyone who finds themselves under arrest. There is no advantage in talking to the police once you have been arrested, nothing you say will help in your defense and you are not going to talk your way out of an arrest. The odds are stacked against you during a police interview -- you are talking to people who have been trained to extract confessions, who are being paid to sit there interrogating you, and who will pick through what you say to find incriminating statements. Stay quiet, speak only to your attorney, and let your attorney speak on your behalf; you cannot be penalized for exercising your rights, nor can the fact that you refused to speak be introduced as evidence against you (at least in the United States).

-- Ben
Re: [cryptography] Homomorphic split-key encryption OR snake oil crypto
On Sun, 19 Feb 2012 17:08:25 +0100 Florian Weimer f...@deneb.enyo.de wrote:
> * Saqib Ali:
>> Can somebody explain to me how this so-called Homomorphic split-key encryption works?
>
> Isn't this just a protocol which performs a cryptographic primitive using split key material, without actually recombining the keys? (Traditional Shamir secret sharing needs a trusted party for key recombination.) If yes, you might want to look for RSA Threshold Cryptography and similar work.

What is the point of introducing homomorphic encryption here? When last I checked, we were still pretty far from practical FHE systems, and we have not really determined the appropriate security parameters for the systems we are aware of now. It is telling that the company in the link provides few details about their system, except to say that homomorphic encryption is something they plan to deploy in the future.

Maybe they are talking about oblivious AES from garbled circuits, although I am not really sure what the advantage of such a thing might be.

-- Ben
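The idea in Florian Weimer's quoted remark, performing the primitive with split key material without ever recombining the key, shown for textbook RSA as an added example (not part of the original thread, and not the vendor's undisclosed scheme). The toy primes, the trusted dealer that creates the shares, and all function names are assumptions of this sketch.

```python
"""Two-party additive split-key RSA decryption (textbook RSA, toy parameters)."""
import secrets
from math import gcd

# Constructed toy parameters: two Mersenne primes. Far too small for real use,
# and unpadded textbook RSA is used only to keep the arithmetic visible.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
assert gcd(E, PHI) == 1  # E must be invertible modulo phi(N)


def dealer_split_key():
    """Assumed trusted dealer: split d into shares with d1 + d2 = d (mod phi).

    d1 is uniform, so each share on its own carries no information about d.
    The dealer discards d after handing one share to each key holder.
    """
    d = pow(E, -1, PHI)
    d1 = secrets.randbelow(PHI)
    d2 = (d - d1) % PHI
    return d1, d2


def encrypt(m):
    """Public operation: anyone can encrypt under (N, E)."""
    if not 0 <= m < N:
        raise ValueError("message out of range for this modulus")
    return pow(m, E, N)


def partial_decrypt(share, c):
    """Run locally by one key holder; the share itself is never sent anywhere."""
    return pow(c, share, N)


def combine(partials):
    """Multiply partial results: c^d1 * c^d2 = c^(d1 + d2) = c^d = m (mod N).

    The combiner sees only group elements, never d1, d2 or d.
    """
    result = 1
    for part in partials:
        result = (result * part) % N
    return result


def demo():
    """End-to-end run on a constructed message; returns values for inspection."""
    d1, d2 = dealer_split_key()
    message = int.from_bytes(b"split-key", "big")  # constructed sample plaintext
    c = encrypt(message)
    part1 = partial_decrypt(d1, c)  # computed by key holder 1
    part2 = partial_decrypt(d2, c)  # computed by key holder 2
    return message, part1, part2, combine([part1, part2])


if __name__ == "__main__":
    msg, p1, p2, recovered = demo()
    print("recovered matches plaintext:", recovered == msg)
    print("either partial alone reveals plaintext:", p1 == msg or p2 == msg)
```

Nothing here is homomorphic encryption in the FHE sense; it relies only on exponents adding under multiplication, which is the basis of the RSA threshold schemes the quoted text points to.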
Re: [cryptography] trustwave admits issuing corporate mitm certs
On Sun, 12 Feb 2012 05:57:02 -0500 Jeffrey Walton noloa...@gmail.com wrote:
> On Sun, Feb 12, 2012 at 5:43 AM, Krassimir Tzvetanov mailli...@krassi.biz wrote:
>> While I'm not a lawyer and my opinion is in no way authoritative I do not believe there is any violation. They may be an accessory to a potential crime but they themselves did not do the tapping. Now on the other hand those companies that did the tapping should be OK for as long as they are clear with the employees that they cannot expect privacy, which usually is the case. Usually this is in the paperwork you sign when you start working there in the section privacy policy.
>
> Two questions:
>
> (1) How can a company actively attack a secure channel and tamper with communications if there are federal laws prohibiting it? It seems to me they can only take the role of passive adversaries and still comply with US law,

Plenty of companies install monitoring software on their employees' workstations and listen to employee phone calls, which is generally legal:

https://www.privacyrights.org/fs/fs7-work.htm

> (2) Did the other end of the SSL/TLS tunnel also agree to be monitored?

Does that matter?

-- Ben
Re: [cryptography] Gregory Perry's follow-up to the FBI OpenBSD / OCF backdoors thread
On Mon, 16 Jan 2012 18:47:06 +1300 Peter Gutmann pgut...@cs.auckland.ac.nz wrote:
> Harald Hanche-Olsen han...@math.ntnu.no writes:
>> Maybe it's just me, but I find myself unable to make sense of this part:
>>
>> [...] one mathematical vulnerability in the RSA encryption algorithm related to changing the base numbering system of the resulting RSA modulus after a block of plaintext had been encrypted
>
> I thought it was positively sensible compared to:
>
> a fellow by the name of Ross Pirasteh, who was either the Prime Minister of Finance for the Shah of Iran or actually the Shah of Iran himself. As the story goes, Ross and his family were snuck out of Iran rolled up in Persian rugs just prior to or during the 1979 revolution

Perhaps this leak was actually a chapter from an upcoming spy novel?

-- Ben
Re: [cryptography] Complying with GPL V3 (Tivoization)
On Sun, 8 Jan 2012 22:46:13 -0500 Jeffrey Walton noloa...@gmail.com wrote:
> Hi All,
>
> I was reading on CyanogenMod (a custom ROM project for Android) and "The story behind the mysterious CyanogenMod update" (http://lwn.net/Articles/448134/). Interestingly, it seems some private keys were circulated to comply with GPL V3 with some nasty side effects (could anything else be expected?).

My understanding is that this is not necessary for GPLv3 compliance, as the license does not require the disclosure of private keys (which would undermine the entire package signing system used by GNU/Linux distributions) but instead requires that people be allowed to modify the software configuration of the system. That could mean allowing unsigned software to be installed or allowing a user to add their own public keys to their system.

> Some interesting points were brought up, including how to comply with GPL V3.

Someone else made the same point that I made above: there is nothing in the GPLv3 that requires the release of private keys. It only requires that users be allowed to install, modify, or remove software.

> Is anyone aware of papers on integrity/signature schemes or protocols tailored for GPL V3? Or does this reduce to (1) allow the hardware/firmware to load additional [trusted] public keys; or (2) provide the private key for the hardware?

Like I said, you can allow users to add additional trusted keys to the system, or you can allow users to run unsigned code. The only situation that would necessitate publishing a private key would be if the hardware itself refused to run code that was not signed by a single, fixed key -- and then GPLv3 compliance will be the least of your problems.

-- Ben

> Jeff
Re: [cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)
On Tue, 6 Dec 2011 12:34:37 +0100 Adam Back a...@cypherspace.org wrote:
> Kids figure this stuff out getting through site restrictions on school wifi also. Some schools try to block popular web games.. eg runescape.

Let us not discourage either the children or the schools! This sounds like an excellent way for children to pick up some technical skills and to learn about computer security. If we must condition our children to think that censorship is the norm, at least we can also provide them with some decent education in the process.

-- Ben
Re: [cryptography] Math corrections
On 09/18/2011 05:11 PM, Marsh Ray wrote:
> B. If your threat model considers as an adversary government A, then you're in good company with governments B through Z. So all the comments on "won't save you from The Government", while true, are also potentially writing off your biggest ally.

Unless, of course, we continue to use the system as it exists today, where any trusted CA can sign a certificate for anyone. If a particular government supports a CA that is cooperative with that government, then either nobody in the world would be safe, or the system will fracture and we will not have a global PKI.

> C. At the end of the day, governments need to log into their VPNs and check their MS Outlook Web Access email remotely just like everybody else. Now consider that this applies to process engineers at power plants and chemical facilities too. When you hear US DHS people talking about national infrastructure vulnerable to cyber attack they are sincerely concerned about this type of exposure.

So the only trustworthy CAs will be the ones that sign certificates for power companies or other national security related entities? We need a system that can be used and trusted (to a reasonable degree) by everyone, not just big or important organizations.

> At some point, the influence of people on the defense side will outweigh those who benefit from the attack side.

I doubt this will happen any time soon. Consider this official (and apparently still current) FAQ from the Department of Justice:

http://www.justice.gov/criminal/cybercrime/cryptfaq.htm

Yes, that was issued over a decade ago, but key recovery -- which we are meant to believe is not the same as key escrow -- remains the DOJ's goal when it comes to cryptography. There is also the more recent push by the Obama administration to create a system that allows law enforcement agencies to more easily hijack domain names.

> Now that the cat's out of the bag about PKI in general and there's an Iranian guy issuing to himself certs for www.*.gov seemingly at will, I think the current PKI system will not escape the black hole at this point, it crossed the event horizon sometime earlier this year.

I doubt it. The cat has been out of the bag on how easily email can be forged for decades now, but how often do you receive digitally signed email? The cat has been out of the bag about running out of IPv4 addresses for many years, but IPv6 deployment has been sluggish. Without a strong incentive, these things will not change, and the PKI is no different. I doubt that the current PKI will be gone by the end of this decade -- criminal MITM attacks are just not in-your-face enough to generate a public outcry, and governments are not terribly interested in thwarting their own law enforcement agencies.

-- Ben