--
In the SSL thread various solutions were proposed, or
rather existing solutions pointed to:
1. SSH just works. So generalizing from the success
of SSH, the browser should remember who you have
relationships with, and the keys of the people you have
relationships with. To avoid the
Interview with OpenSSH developer:
http://www.securityfocus.com/columnists/375
Summary: Arbitrary layer 2/3 tunnelling using tun(4) interfaces over
ssh. Various changes to reduce attack possibilities. My first
encounter with the term attack surface.
Commentary: TCP over TCP --- retransmit
On Tue, Dec 27, 2005 at 11:34:15PM +, Ben Laurie wrote:
If you don't have sufficient plain/ciphertext, then of course you can
choose incorrect pairs.
Yep - that's my point. The thing to note is that for an arbitrary
permutation, knowing the image of n plaintexts tells you (almost)
nothing
Hey boys and girls! Want to help your country defeat that mean old
Osama? Then check out the National Security Agency's CryptoKids web site
(http://www.nsa.gov/kids/):
On this site, you can learn all about codes and ciphers, play lots
of games and activities, and get to know each of us -
In message [EMAIL PROTECTED], James A. Donald writes:
--
You wrote:
2. Phishers are after shared secrets, so secure each
shared secret, and thus each relationship, with
SRP-TLS-OpenSSL This also requires that establishing a
relationship, and verifying a shared secret, should be
part of