f...@mail.dnttm.ro writes:
> The idea is the following: we don't want to secure the connection,
Why not?
Using HTTPS is easier than making up some half-baked scheme that won't work
anyway.
--
http://noncombatant.org/
-
The C
On 8 September 2010 16:45, wrote:
>
> Hi.
>
> Just subscribed to this list for posting a specific question. I hope the
> question I'll ask is in place here.
>
> We do a web app with an Ajax-based client. Anybody can download the client
> and open the app, only, the first thing the app does is as
On 09/08/2010 10:45 AM, f...@mail.dnttm.ro wrote:
Hi.
Just subscribed to this list for posting a specific question. I hope
the question I'll ask is in place here.
Oh good, this makes me not the new guy now :-)
These seem like nice standard, authentication system design questions.
I'll give t
On Wed, Sep 08, 2010 at 05:45:26PM +0200, f...@mail.dnttm.ro wrote:
> We do a web app with an Ajax-based client. Anybody can download the
> client and open the app, only, the first thing the app does is ask for
> login.
>
> The login doesn't happen using form submission, nor does it happen via
> a
On Tue, Sep 07, 2010 at 10:22:57PM -0400, Jerry Leichter wrote:
> But there isn't actually such a thing as classical thermodynamical
> randomness! Classical physics is fully deterministic. Thermodynamics uses
> a probabilistic model as a way to deal with situations where the necessary
> infor
On Fri, Sep 3, 2010 at 10:29 AM, Jack Lloyd wrote:
> On Fri, Sep 03, 2010 at 09:45:20AM +0100, Ben Laurie wrote:
>
> ...narrow-pipe designs have a huge null space for messages
> which are exactly as big as the compression function input
> size. For instance hashing inputs that are multiples of 512
Hi.
Just subscribed to this list for posting a specific question. I hope the
question I'll ask is in place here.
We do a web app with an Ajax-based client. Anybody can download the client and
open the app, only, the first thing the app does is ask for login.
The login doesn't happen using form
On Tue, 7 Sep 2010 22:22:57 -0400 Jerry Leichter
wrote:
> On Sep 6, 2010, at 10:49 PM, John Denker wrote:
> > It's easy to pin down. If it's unpredictable to the attacker,
> > it's unpredictable enough for all practical purposes.
> I was talking about mathematical, even philosophical, underpinnin
On Sep 6, 2010, at 10:49 PM, John Denker wrote:
If you think about the use of randomness in cryptography, what
matters
isn't really randomness - it's exactly unpredictability.
Agreed.
This is a very
tough to pin down: What's unpredictable to me may be predictable to
you,
It's easy to pin