On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote:
> > So we need to see a "Choicepoint" for listening and sniffing and so
> > forth.
>
> No, we really don't.
Perhaps we do - not so much as a source of hard statistical data, but
as a source of hard pain.
People making (uninformed
Daniel Carosone <[EMAIL PROTECTED]> writes:
> On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote:
>> > So we need to see a "Choicepoint" for listening and sniffing and so
>> > forth.
>>
>> No, we really don't.
>
> Perhaps we do - not so much as a source of hard statistical data, but
J.A. Terranson wrote:
So, how long before someone, possibly even me, points out that all
Checkpoint software is built in Israel?
Nicely put, but I think not quite fair. From friends in financial and
other companies in the states and otherwise, I hear that Trojans are
very common there as wel
On Wednesday 01 June 2005 10:35, Birger Tödtmann wrote:
> Am Dienstag, den 31.05.2005, 18:31 +0100 schrieb Ian G:
> [...]
>
> > As an alternate hypothesis, credit cards are not
> > sniffed and never will be sniffed simply because
> > that is not economic. If you can hack a database
> > and lift 10
On Tuesday 31 May 2005 23:43, Anne & Lynn Wheeler wrote:
> in most business scenarios ... the relying party has previous knowledge
> and contact with the entity that they are dealing with (making the
> introduction of PKI digital certificates redundant and superfluous).
Yes, this is directly what
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Peter Gutmann
> Sent: Tuesday, May 31, 2005 1:29 PM
>
> >In this situation, I believe that the users, through hard won
> >experience with computers, _correctly_ assumed this was a
> >false positive.
>
> Probably not.
> [SNIP tex
Ian G writes:
|
| In the end, the digital signature was just crypto
| candy...
|
On the one hand a digital signature should matter more
the bigger the transaction that it protects. On the
other hand, the bigger the transaction the lower the
probability that it is between strangers who have
On Tuesday 31 May 2005 23:43, Perry E. Metzger wrote:
> Ian G <[EMAIL PROTECTED]> writes:
Just on the narrow issue of data - I hope I've
addressed the other substantial points in the
other posts.
> > The only way we can overcome this issue is data.
>
> You aren't going to get it. The companies th
Hi Birger,
Nice debate!
On Wednesday 01 June 2005 13:52, Birger Tödtmann wrote:
> Am Mittwoch, den 01.06.2005, 12:16 +0100 schrieb Ian G:
> [...]
>
> > The point is this: you *could*
> > turn off SSL and it wouldn't make much difference
> > to actual security in the short term at least, and may
On Tuesday 31 May 2005 19:38, Steven M. Bellovin wrote:
> In message <[EMAIL PROTECTED]>, Ian G writes:
> >On Tuesday 31 May 2005 02:17, Steven M. Bellovin wrote:
> >> In message <[EMAIL PROTECTED]>, "James A. Donald" writes:
> >> >--
> >> >PKI was designed to defeat man in the middle attacks
>
10 matches
Mail list logo