Gmane -- Re: Why is Freenet so sick at the moment?

Re: Why is Freenet so sick at the moment? Subject : Re: Why is Freenet so sick at the moment? >From : Tracy R Reed <[EMAIL PROTECTED]> Date : Mon, 6 Oct 2003 00:29:41 -0700 Newsgroups :gmane.network.freenet.devel Reply-to : Discuss

Gopher Baroque

The Village Voice: Books: At 1,800-plus pages, Neal Stephenson's just getting started Gopher Baroque by John Giuffo October 6th, 2003 5:15 PM Quicksilver messenger: Stephenson (photo: Brian Smale) Quicksilver: Volume One of the Bar

Re: NCipher Takes Hardware Security To Network Level

> In fact, if you're clever, you can manage to not trouble yourself to get > the key-management, etc. certified, getting only the simple, symmetric-cipher > stuff run through the process. You can, but that doesn't mean that it's ok. Key management is explicitly covered under FIPS 140-2. If yo

Re: anonymity +- credentials

Anton Stiglic wrote: > > >We need a practical system for anonymous/pseudonymous > > >credentials. Can somebody tell us, what's the state of > > >the art? What's currently deployed? What's on the > > >drawing boards? > > > > The state of the art, AFAIK, is Chaum's credential system. > > The sta

Re: Simple SSL/TLS - Some Questions

Jill Ramonsky wrote: > First, the primary design goal is "simple to use". This is the highest goal of all. If it is not simple to use, it misses out on a lot of opportunities. And missing out results in less crypto being deployed. If you have to choose between simple-but-incomplete, versus co

Re: anonymous DH & MITM

At 03:38 PM 10/6/03 -0400, Ian Grigg wrote: >I'm asking myself whether "anonymous DH" is confusingly named. >Perhaps it should be called psuedonymous DH because it creates >psuedonyms for the life of the session? Or, we need a name >that describes the creation of psuedonyms, de novo, from >an anon

Re: Other OpenSSL-based crypto modules FIPS 140 validated?

Anecdotally, I've heard that there are many, but almost all of them were done by vendors for embedding in their proprietary products. At 12:38 PM 10/6/2003, Ronald Perez wrote: While at the NIST FIPS 140 site earlier today (looking for that mysterious nCipher certificate), I noticed that certific

Re: NCipher Takes Hardware Security To Network Level

I was asked by the author of this to forward it with the sender information removed. From: [someone] Subject: Re: NCipher Takes Hardware Security To Network Level On Mon, Oct 06, 2003 at 01:38:13PM -0400, R. A. Hettinga wrote: > > --- begin forwarded text > > > Status: U > Date: Mon, 06 Oct

Re: anonymous DH & MITM

Taral wrote: > > On Mon, Oct 06, 2003 at 11:43:21AM -0400, Anton Stiglic wrote: > > You started by talking about anonymous communication, but ended up > > suggesting a scheme for pseudonymous communication. > > > > Anonymous != pseudonymous. > > > > Let us be clear on that! > > It is an important

Other OpenSSL-based crypto modules FIPS 140 validated?

While at the NIST FIPS 140 site earlier today (looking for that mysterious nCipher certificate), I noticed that certificate #350 was issued last Friday -- for "IBM Crypto for C (ICC)". I think that the interesting thing about this crypto [SW] module and cert is that it's based on OpenSSL. I kno

Re: how to defeat MITM using plain DH, Re: anonymous DH & MITM

Jerrold Leichter wrote: > [Using multiple channels on the assumption that the MITM can't always get all > of them.] > > This is starting to sound like some very old work > ...[example deleted] 1948 sounds right? The mathematical basis for this approach is Shannon's Tenth Theorem of 1948. We are

Re: nCipher netHSM

--- begin forwarded text Status: U To: "R. A. Hettinga" <[EMAIL PROTECTED]> Subject: Re: nCipher netHSM From: Ronald Perez <[EMAIL PROTECTED]> Date: Mon, 6 Oct 2003 13:32:48 -0400 This looks like new packaging of an old/previously-announced product. The NIST FIPS 140 site (http://csrc.nist.g

Re: NCipher Takes Hardware Security To Network Level

--- begin forwarded text Status: U Date: Mon, 06 Oct 2003 12:40:41 -0400 From: Somebody To: "R. A. Hettinga" <[EMAIL PROTECTED]> Subject: Re: NCipher Takes Hardware Security To Network Level Don't identify me, since I'm not sure what parts of my NDA are still in force now that they've announc

Re: nCipher netHSM

This looks like new packaging of an old/previously-announced product. The NIST FIPS 140 site ( http://csrc.nist.gov/cryptval/140-1/1401val2003.htm) does not list this device as having undergone any FIPS validation. And from the pictures and specs, it looks like what they did was to put one of th

Re: [e-lang] Protocol implementation errors

On Thursday, Oct 2, 2003, at 17:50 US/Eastern, Bill Frantz wrote: From: -- Security Alert Consensus -- Number 039 (03.39) Thursday, October 2, 2003 Network Computing and the SANS Institute Powered by Neohapsis

NCipher Takes Hardware Security To Network Level

CRN -- Print This Article NCipher Takes Hardware Security To Network Level By Charlene O'Hanlon CRN 9:35 AM EST Mon., Oct. 06, 2003 NCipher Monday unveiled a network-level version of its nShield Hardware Security Module, a

Re: anonymous DH & MITM

On Mon, Oct 06, 2003 at 11:43:21AM -0400, Anton Stiglic wrote: > You started by talking about anonymous communication, but ended up > suggesting a scheme for pseudonymous communication. > > Anonymous != pseudonymous. > > Let us be clear on that! > It is an important difference. Yes it is. An ano

Re: Simple SSL/TLS - Some Questions

Florian Weimer <[EMAIL PROTECTED]> writes: > Jill Ramonsky wrote: > > My question is, how much of a problem is this for the embedded market? > > Have you looked at GNU Pth? It's a non-preemptive threading package > which should be reasonably portable. > > I don't know the TLS/ASN.1 formats by he

Re: Simple SSL/TLS - Some Questions

Jill Ramonsky wrote: > (1) THE LICENCE > > I confess ignorance in matters concerning licensing. The basic rules > which I want, and which I believe are appropriate are: A MIT-stlye license or a BSD-style license without advertizing clause would be appropriate. > (2) THE NAME > > Everything ne

Re: anonymous DH & MITM

- Original Message - From: "Jerrold Leichter" <[EMAIL PROTECTED]> To: "Tim Dierks" <[EMAIL PROTECTED]> Cc: "Jerrold Leichter" <[EMAIL PROTECTED]>; "Cryptography list" <[EMAIL PROTECTED]> Sent: Friday, October 03, 2003 8:19 PM Subject: Re: anonymous DH & MITM > | From: Tim Dierks <[EMAIL

Re: anonymous DH & MITM

- Original Message - From: "Jerrold Leichter" <[EMAIL PROTECTED]> To: "Anton Stiglic" <[EMAIL PROTECTED]> Cc: "Jerrold Leichter" <[EMAIL PROTECTED]>; "Cryptography list" <[EMAIL PROTECTED]>; "Tim Dierks" <[EMAIL PROTECTED]> Sent: Friday, October 03, 2003 4:51 PM Subject: Re: anonymous DH

Re: anonymity +- credentials

- Original Message - From: "bear" <[EMAIL PROTECTED]> To: "John S. Denker" <[EMAIL PROTECTED]> Cc: "R. A. Hettinga" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, October 03, 2003 6:05 PM Subject: Re: anonymity +- credentials > > > On Fri, 3 Oct 2003, John S. Denker wrote: > > >

Re: how to defeat MITM using plain DH, Re: anonymous DH & MITM

- Original Message - From: "Ed Gerck" <[EMAIL PROTECTED]> To: "Anton Stiglic" <[EMAIL PROTECTED]> Cc: "Jerrold Leichter" <[EMAIL PROTECTED]>; "Cryptography list" <[EMAIL PROTECTED]>; "Tim Dierks" <[EMAIL PROTECTED]> Sent: Friday, October 03, 2003 6:44 PM Subject: how to defeat MITM using

Re: Simple SSL/TLS - Some Questions

Jill Ramonsky <[EMAIL PROTECTED]> wrote: > > I confess ignorance in matters concerning licensing. The basic rules > which I want, and which I believe are appropriate are: > (i) Anyone can use it, royalty free. Even commercial applications. > (ii) Anyone can get the source code, and should be abl

nCipher netHSM

New nCipher netHSM Strengthens Market Leadership in Cryptographic Hardware Security nCipher redefines ROI for cryptographic security with first FIPS-validated shareable hardware security module nCipher plc (LSE:NCH) today announced the

Re: Simple SSL/TLS - Some Questions

Jill Ramonsky <[EMAIL PROTECTED]> writes: > Eric raised some points which I should address. First, he asked me > "You have read the RFC, right?". Well I guess I should be honest here > and say no, I hadn't done that yet. Maybe that's where I went wrong, > and would have asked fewer dumb questions

Re: [e-lang] Re: Protocol implementation errors

On Sunday, Oct 5, 2003, at 11:03 US/Eastern, Jonathan S. Shapiro wrote: Peter: I agree that ASN.1 is statically checkable, and that this is an important property. However, ASN.1 is notoriously hard to parse, which leads to errors. I take it you a saying that ASN.1 syntax is hard to parse? Having

Re: Protocol implementation errors

I agree with Peter. If we're concerned about security implications of a particular SW technique then obviously we should ban the C language and all the string libraries first ;-) John On 10/4/03 1:58, "Peter Gutmann" <[EMAIL PROTECTED]> wrote: > Bill Frantz <[EMAIL PROTECTED]> writes: > >> Thi

RE: Simple SSL/TLS - Some Questions

Hi. This is just a quick note to say that over the weekend I've done a lot of thinking about coding, and even some /actual/ coding, that I've re-read parts of Eric's book in somewhat more detail than I read it last time, and I've read all the various posts on the subject of "simple SSL". And at

Re: Protocol implementation errors

Jerrold Leichter <[EMAIL PROTECTED]> writes: >Both of these are helped by a well-specified low-level syntax. TLV encoding >lets you cross-check all sorts of stuff automatically, once, in low-level >calls. Ad hoc protocols scatter the validation all over the place - and some >of it will inevitabl

Seth Schoen posts paper on "trusted computing"

via boingboing: http://boingboing.net/2003_10_01_archive.html#106512302120071226 EFF's Trusted Computing white-paper My colleague Seth Schoen has finished his long-awaited, brilliant white-paper on Trusted Computing. Seth has been briefed as an outside technical analyst by all the companies wo

Interlock protocol chat program source code

/* interchat.c * * Two player chat program using the Interlock Protocol * * Based on Rivest and Shamir, "How to expose an eavesdropper", * Communications of the ACM, v 27 no 4 (Apr 1984), pp 393-395. * * Requires the free OpenSSL crypto library, from www.openssl.org. * * Warning: this is a

Re: [e-lang] Re: Protocol implementation errors

At 02:41 PM 10/5/2003 Sunday, Tyler Close wrote: >On Sunday 05 October 2003 11:03, Jonathan S. Shapiro wrote: >> Peter: >> >> I agree that ASN.1 is statically checkable, and that this is an >> important property. > >What exactly does it mean for a format to be "statically >checkable"? Peter's st