Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Dave Howe
Ian Grigg wrote: Dave Howe wrote: No - it means you might want to consider a system that guarantees end-to-end encryption - not just "first link, then maybe if it feels like it" That doesn't mean TLS is worthless - on the contrary, it adds an additional layer of both user authentication and sess

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Anne & Lynn Wheeler
At 10:14 PM 5/30/2004, Peter Gutmann wrote: The S/MIME list debated this some time ago, and decided (pretty much unanimously) against it, for two reasons. Firstly, because it adds huge ugly blobs of base64 crap to each message (and before the ECC fans leap in here, that still adds small ugly blobs

Re: The future of security

2004-06-01 Thread Eugen Leitl
On Mon, May 31, 2004 at 08:27:49PM -0700, bear wrote: > >The point of an automated web of trust is that the machine is doing the > >accounting for you. > > Does it? If there were meaningful reputation accounting You got fooled by the present tense. If there was such an architecture, I wouldn't

Re: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Mark Armbrust
At 16:08 2004-05-31 -0400, Ivan Krstic <[EMAIL PROTECTED]> wrote: >This reminds me of a question I've been meaning to ask for a while. Has >there been any research done on encryption systems which encrypt two (or >n) plaintexts with n keys, producing a joint ciphertext with the >property that de

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ian Grigg
Dave Howe wrote: Ian Grigg wrote: Dave Howe wrote: > TLS for SMTP is a nice, efficient way to encrypt the channel. > However, it offers little or no assurance that your mail will > *stay* encrypted all the way to the recipients. That's correct. But, the goal is not to secure email to the extent

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Dave Howe
Ian Grigg wrote: Dave Howe wrote: > TLS for SMTP is a nice, efficient way to encrypt the channel. > However, it offers little or no assurance that your mail will > *stay* encrypted all the way to the recipients. That's correct. But, the goal is not to secure email to the extent that there is no

RE: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Ian Brown
>This reminds me of a question I've been meaning to ask for a while. Has >there been any research done on encryption systems which encrypt two (or >n) plaintexts with n keys, producing a joint ciphertext with the >property that decrypting it with key k[n] only produces the >nth plaintext? See

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ian Grigg
Dave Howe wrote: Peter Gutmann wrote: It *is* happening, only it's now called STARTTLS (and if certain vendors (Micromumblemumble) didn't make it such a pain to set up certs for their MTAs but simply generated self-signed certs on install and turned it on by default, it'd be happening even more).

Colossus reconstruction at Bletchley Park is finished.

2004-06-01 Thread Perry E. Metzger
(I had the privilege, along with a few other folks on this list, of seeing the reconstructed Colossus a couple of years ago up close while it was in an earlier phase of the work. The fact that the job is now finished is quite cool.) Return of Colossus marks D-Day By Jo Twist BBC News Online techn

Re: A National ID

2004-06-01 Thread Peter Clay
On Mon, 31 May 2004, R. A. Hettinga wrote: > in most European countries, people carry national ID's as a matter of > course. And pressure is mounting in America for some kind of security card. Similarly, there is a push for ID cards in the UK at the moment. See http://www.stand.org.uk/ and http:/

Library talk on cryptography begins technology series

2004-06-01 Thread R. A. Hettinga
The Princeton Packet Library talk on cryptography begins technology series By: Jennifer Potash, Staff Writer 06/01/2004 Expert promises a nontechnical approach. No decoder rings

Re: The future of security

2004-06-01 Thread bear
On Mon, 31 May 2004, Eugen Leitl wrote: >> The bigger problem is that webs of trust don't work. >> They're a fine idea, but the fact is that nobody keeps >> track of the individual trust relationships or who signed > >The point of an automated web of trust is that the machine is doing the >accou

Re: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Ivan Krstic
This reminds me of a question I've been meaning to ask for a while. Has there been any research done on encryption systems which encrypt two (or n) plaintexts with n keys, producing a joint ciphertext with the property that decrypting it with key k[n] only produces the nth plaintext? In the par

Re: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Dave Howe
R. A. Hettinga wrote: To prevent loss or theft, the data is backed up automatically and redundantly on dedicated Martus servers in Manila, Toronto, Seattle and Budapest. Nobody can read the files without access to the original user's cryptography key and password -- with the exception of sophistica

Re: A National ID

2004-06-01 Thread Dave Howe
R. A. Hettinga wrote: If we're going to move to a national identification card, we can't afford to do it badly. Now is the time to figure out how to create a card that helps identify people but doesn't rob them of a huge swath of their civil liberties in the process. Just watch how the British do i

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Russell Nelson
I see that you are not interested in discussing the relative merits of STARTTLS vs. DomainKeys, but instead are just trying to push STARTTLS. I hope that Perry will see through your sales job, and will return your email to you, just as he will return this one to me. -russ [Moderator's note: No su

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ed Gerck
Peter Gutmann wrote: The S/MIME list debated this some time ago, and decided (pretty much unanimously) against it, for two reasons. Firstly, because it adds huge ugly blobs of base64 crap to each message (and before the ECC fans leap in here, that still adds small ugly blobs of base64 crap to eac

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Dave Howe
Peter Gutmann wrote: It *is* happening, only it's now called STARTTLS (and if certain vendors (Micromumblemumble) didn't make it such a pain to set up certs for their MTAs but simply generated self-signed certs on install and turned it on by default, it'd be happening even more). TLS for SMTP is a

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Dave Howe
Ed Gerck wrote: No -- DomainKeys has nothing to do with 'email cryptography'. They are S/MIME and PGP/MIME. I wouldn't say PGP/MIME (as opposed to pgp inline) was a widely enough used standard to be considered one of two options - pgp (both methods) certainly, but not pgp/mime exclusively.

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Peter Gutmann
Russell Nelson <[EMAIL PROTECTED]> writes: >Peter Gutmann writes: >> STARTTLS > >If Alice and Cathy both implement STARTTLS, and Beatty does not, and Beatty >handles email which is ultimately sent to Cathy, then STARTTLS accomplishes >nothing. If Uma and Wendy implement DomainKeys, and Violet does