Re: TLS break

2009-11-11 Thread Chimpy McSimian IV, Esq.
On Mon, Nov 9, 2009 at 5:08 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: attack, checking Referrer headers is no longer effective, so anti-CSRF defenses have to be more sophisticated (they *should* of course be more Checking the Referer header never was effective. It's not even

Re: TLS break

2009-11-11 Thread dan
| | This is the first attack against TLS that I consider to be | the real deal. To really fix it is going to require a change to | all affected clients and servers. Fortunately, Eric Rescorla | has a protocol extension that appears to do the job. | ...silicon... --dan

Re: hedging our bets -- in case SHA-256 turns out to be insecure

2009-11-11 Thread Sandy Harris
On 11/8/09, Zooko Wilcox-O'Hearn zo...@zooko.com wrote: Therefore I've been thinking about how to make Tahoe-LAFS robust against the possibility that SHA-256 will turn out to be insecure. NIST are dealing with that via the AHS process. Shouldn't you just use their results? We could use a

Re: Crypto dongles to secure online transactions

2009-11-11 Thread Matt Crawford
On Nov 10, 2009, at 8:44 AM, Jerry Leichter wrote: Whether or not it can, it demonstrates the hazards of freezing implementations of crypto protocols into ROM: Imagine a world in which there are a couple of hundred million ZTIC's or similar devices fielded - and a significant