Victor Duchovni [EMAIL PROTECTED] writes:
Generally it is enough for a TLS server or client to present its own
certificate and all *intermediate* CA certificates, sending the root CA cert
is optional, because if the verifying system trusts the root CA in question,
it has a local copy of that root
At 9:30 PM +1300 1/25/07, Peter Gutmann wrote:
=?UTF-8?B?SXZhbiBLcnN0acSH?= [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
http://www.csrc.nist.gov/pki/HashWorkshop/index.html
I'm completely unfamiliar with the way NIST operates, but I've been wondering
for years why they haven't
On Fri, Jan 26, 2007 at 07:06:00PM +1300, Peter Gutmann wrote:
Victor Duchovni [EMAIL PROTECTED] writes:
Generally it is enough for a TLS server or client to present its own
certificate and all *intermediate* CA certificates, sending the root CA cert
is optional, because if the verifying
I was surprised to discover that one of James Randi's million dollar
paranormal challenges is protected by a surprisingly weak (dictionary-
based) commitment scheme that is easily reversed and that suffers from
collisions. For details, see my blog entry about it: