On Mar 16, 2008, at 7:52 PM, Ben Laurie wrote:
Dirk-Willem van Gulik wrote:
So I'd argue that while x509, its CA's and its CRL's are a serious
pain to deal** with, and seem add little value if you assume avery
diligent and experienced operational team -- they do provide a
useful
Mr Pink writes:
In Applied Crypto, the use of padding for CBC encryption is suggested
to be met by ending the data block with a 1 and then all 0s to the end
of the block size.
Is this not introducing a risk as you are essentially introducing a
large amount of guessable plaintext into the
| So at the company I work for, most of the internal systems have
| expired SSL certs, or self-signed certs. Obviously this is bad.
|
| You only think this is bad because you believe CAs add some value.
|
| Presumably the value they add is that they keep browsers from popping
| up scary
On Mar 17, 2008, at 10:06 AM, Leichter, Jerry wrote:
| So at the company I work for, most of the internal systems have
| expired SSL certs, or self-signed certs. Obviously this is bad.
|
| You only think this is bad because you believe CAs add some value.
|
| Presumably the value they add
