-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Aug 29, 2013, at 3:43 AM, Jerry Leichter wrote:
> - If I need to change because the private key was compromised, there's
> nothing I can do about past messages; the question is what I do to minimize
> the number of new messages that will arrive
Please stop using that stupid "Reply All" function; I'm on the list, and
will hence see your reply anyway.
I don't need my own bloody personal copy of it.
-- Dave
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailm
On Thu, Aug 29, 2013 at 01:53:29PM -0700, Taral wrote:
> Oh, wait. I misread the requirement. This is a pretty normal
> requirement -- your reverse DNS has to be valid. So if you are
> 3ffe::2, and that reverses to abc.example.com, then abc.example.com
> better resolve to 3ffe::2.
Right, so if you
Communicating public keys: A functional specification
A functional specification tells us how the user uses it, what he sees,
and what it does for him. It does not tell us how we manage to do it
for him.
The problem is that you want to tell someone over the phone, or on a
napkin, or face t
Oh, wait. I misread the requirement. This is a pretty normal
requirement -- your reverse DNS has to be valid. So if you are
3ffe::2, and that reverses to abc.example.com, then abc.example.com
better resolve to 3ffe::2.
On Thu, Aug 29, 2013 at 1:38 PM, Phillip Hallam-Baker wrote:
>
>
>
> On Thu, A
On Thu, Aug 29, 2013 at 3:31 PM, Callme Whatiwant wrote:
> Hello, I'm new here, so I apologize if I'm repeating past arguments or
> asking old questions.
>
>
> On Tue, Aug 27, 2013 at 8:52 PM, Jerry Leichter wrote:
> >
> > On Aug 27, 2013, at 9:48 PM, Perry E. Metzger wrote:
> >
> >> On Tue, 27 A
On Thu, Aug 29, 2013 at 4:46 PM, Perry E. Metzger wrote:
> Taking a break from our discussion of new privacy enhancing protocols,
> I thought I'd share something I've been mumbling about in various
> private groups for a while. This is almost 100% on the security side
> of things, and almost 0% on
On Thu, Aug 29, 2013 at 4:53 PM, Taral wrote:
> Oh, wait. I misread the requirement. This is a pretty normal
> requirement -- your reverse DNS has to be valid. So if you are
> 3ffe::2, and that reverses to abc.example.com, then abc.example.com
> better resolve to 3ffe::2.
>
> On Thu, Aug 29, 2013
On Thu, Aug 29, 2013 at 1:30 PM, Perry E. Metzger wrote:
> On Wed, 28 Aug 2013 20:04:34 +0200 Faré wrote:
> > One thing that irks me, though, is the problem of the robust, secure
> > terminal: if everything is encrypted, how does one survive the
> > loss/theft/destruction of a computer or harddri
Taking a break from our discussion of new privacy enhancing protocols,
I thought I'd share something I've been mumbling about in various
private groups for a while. This is almost 100% on the security side
of things, and almost 0% on the cryptography side of things. It is
long, but I promise that I
On Thu, Aug 29, 2013 at 1:59 PM, Taral wrote:
> On Wed, Aug 28, 2013 at 12:08 PM, Lucky Green
> wrote:
> > "Additional guidelines for IPv6
> >
> > The sending IP must have a PTR record (i.e., a reverse DNS of the
> sending IP) and it should match the IP obtained via the forward DNS
> resolution
On Thu, Aug 29, 2013 at 01:30:35PM -0400, Perry E. Metzger wrote:
>
> So, as has been discussed, I envision people having small cheap
> machines at home that act as their "cloud", and the system prompting
> them to pick a friend to share encrypted backups with.
The Least-Authority Filesystem is d
On Thu, Aug 29, 2013 at 4:27 AM, ianG wrote:
> Hi Phill,
>
>
> On 28/08/13 21:31 PM, Phill wrote:
>
>> And for a company it is almost certain that 'secure against intercept by
>> any government other than the US' is an acceptable solution.
>>
>
>
> I think that was acceptable in general up until
Hello, I'm new here, so I apologize if I'm repeating past arguments or
asking old questions.
On Tue, Aug 27, 2013 at 8:52 PM, Jerry Leichter wrote:
>
> On Aug 27, 2013, at 9:48 PM, Perry E. Metzger wrote:
>
>> On Tue, 27 Aug 2013 22:04:22 +0100 "Wendy M. Grossman"
>> wrote:
>>> On 08/27/2013 18
On Wed, Aug 28, 2013 at 12:08 PM, Lucky Green wrote:
> "Additional guidelines for IPv6
>
> The sending IP must have a PTR record (i.e., a reverse DNS of the sending IP)
> and it should match the IP obtained via the forward DNS resolution of the
> hostname specified in the PTR record. Otherwise,
On Thu, Aug 29, 2013 at 7:15 AM, Jerry Leichter wrote:
> On Aug 28, 2013, at 2:04 PM, Faré wrote:
> >> My target audience, like Perry's is people who simply can't cope with
> anything more complex than an email address. For me secure mail has to look
> feel and smell exactly the same as current m
On Aug 28, 2013, at 2:04 PM, Faré wrote:
>> My target audience, like Perry's is people who simply can't cope with
>> anything more complex than an email address. For me secure mail has to look
>> feel and smell exactly the same as current mail. The only difference being
>> that sometime the secu
On Aug 28, 2013, at 11:03 AM, Jonathan Thornburg wrote:
> On Wed, 28 Aug 2013, Jerry Leichter wrote:
>> On the underlying matter of changing my public key: *Why* would I have
>> to change it? It's not, as today, because I've changed my ISP or employer
>> or some other random bit of routing info
> Since forward and reverse DNS will rarely match for IP addresses used by
> individuals
> rather than service providers, this change precludes home users of
> IPv6 from sending email to Gmail acccount.
> Note that this new restriction imposed by Gmail only applies to IPv6
> addresses, not
> I
Hi Phill,
On 28/08/13 21:31 PM, Phill wrote:
And for a company it is almost certain that 'secure against intercept by any
government other than the US' is an acceptable solution.
I think that was acceptable in general up until recently. But, I
believe the threat scenario has changed, and f
On Wed, 28 Aug 2013 10:43:24 -0400 Jerry Leichter
wrote:
> On Aug 28, 2013, at 8:34 AM, Perry E. Metzger wrote:
>
> > On Tue, 27 Aug 2013 23:39:51 -0400 Jerry Leichter
> > wrote:
> >> It's not as if this isn't a design we have that we know works:
> >> DNS.
> Read what I said: There's a *design*
On Thu, 29 Aug 2013 01:18:59 +1000 (EST) Dave Horsfall
wrote:
> On Wed, 28 Aug 2013, Perry E. Metzger wrote:
>
> > Anyway, I've already started implementing my proposed solution to
> > that part of the problem. There is still a need for a distributed
> > database to handle the lookup load, though
On Wed, 28 Aug 2013 20:04:34 +0200 Faré wrote:
> One thing that irks me, though, is the problem of the robust, secure
> terminal: if everything is encrypted, how does one survive the
> loss/theft/destruction of a computer or harddrive?
So, as has been discussed, I envision people having small che
23 matches
Mail list logo
