Walter van Holst writes:
>These are not rights that are solely vested in the exceptional Americans. The
>Bill of Tights [...]
For people unfamiliar with this one, it's the bit that reads:
Congress shall make no law respecting the wearing of hosiery, or prohibiting
the free exercise thereof;
On Wed, Sep 18, 2013 at 08:47:17PM +, Viktor Dukhovni wrote:
> On Wed, Sep 18, 2013 at 08:04:04PM +0100, Ben Laurie wrote:
>
> > > This is only realistic with DANE TLSA (certificate usage 2 or 3),
> > > and thus will start to be realistic for SMTP next year (provided
> > > DNSSEC gets off the
On 2013-09-14 08:53, Peter Fairbrother wrote:
> I get that 1024 bits is about on the edge, about equivalent to 80
> bits or a little less, and may be crackable either now or sometime
> soon.
Moti Young and others wrote a book back in the 90's (or per
On Sep 18, 2013, at 4:05 AM, ianG wrote:
> On 17/09/13 23:52 PM, John Kemp wrote:
>> On Sep 17, 2013, at 2:43 PM, Phillip Hallam-Baker
>>> I am sure there are other ways to increase the work factor.
>>
>> I think that "increasing the work factor" would often result in
>> switching the kind of
On 09/18/2013 01:31 PM, Walter van Holst wrote:
What makes me a tad bitter is that we apparently live in a world with
two classes: US citizens and the subhuman rest of it. NSA-style
blanket surveillance violates the fundamental right to privacy and
ultimately also the fundamental right to freed
On Wed, Sep 18, 2013 at 08:04:04PM +0100, Ben Laurie wrote:
> > This is only realistic with DANE TLSA (certificate usage 2 or 3),
> > and thus will start to be realistic for SMTP next year (provided
> > DNSSEC gets off the ground) with the release of Postfix 2.11, and
> > with luck also a DANE-cap
On 9/18/13 at 6:08 AM, hal...@gmail.com (Phillip Hallam-Baker) wrote:
If I am trying to work out if an email was really sent by my bank then I
want a CA type security model because less than 0.1% of customers are ever
going to understand a PGP type web of trust for that particular purpose.
But i
On 18 September 2013 15:30, Viktor Dukhovni wrote:
> On Tue, Sep 17, 2013 at 11:48:40PM -0700, Christian Huitema wrote:
>
> > > Given that many real organizations have hundreds of front end
> > > machines sharing RSA private keys, theft of RSA keys may very well be
> > > much easier in many cases
On 9/18/13 10:44 AM, Phillip Hallam-Baker wrote:
The enterprise bridge control center certainly does not seem to be Hayden's
style either. Hayden is not the type to build a showboat like that.
Moving a bit OT:
On the PBS Newshour coverage of this story, they showed the website of DBI
Architects wh
On 18/09/2013 01:50, John Gilmore wrote:
> Re Big Data: I have never seen data that could be abused by someone
> who didn't have a copy of it. My first line of defense of privacy is
> to deny copies of that data to those who would collect it and later
> use it against me. This is exactly the pol
On Tue, Sep 17, 2013 at 8:01 PM, John Gilmore wrote:
> Techdirt takes apart his statement here:
>
>
> https://www.techdirt.com/articles/20130917/02391824549/nsa-needs-to-give-its-rank-and-file-new-talking-points-defending-surveillance-old-ones-are-stale.shtml
>
> NSA Needs To Give Its Rank-and-
"Everybody has to write a statement. The statement that most convinces the
public that we're okay gets published and a big-o-bonus. You guys have 3
days."
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo
On 17/09/13 23:52 PM, John Kemp wrote:
On Sep 17, 2013, at 2:43 PM, Phillip Hallam-Baker
I am sure there are other ways to increase the work factor.
I think that "increasing the work factor" would often result in
switching the kind of "work" performed to that which is easier than
breaking se
A few clarifications
1) PRISM-Proof is a marketing term
I have not spent a great deal of time looking at the exact capabilities of
PRISM vs the other programs involved because from a design point they are
irrelevant. The objective is to harden/protect the infrastructure from any
ubiquitous, indis
Another consideration is that the NSA isn't the only bad actor out
there. Improving the robustness of TLS and other security protocols will
defend against other attacks.
On Tue, Sep 17, 2013 at 11:48:40PM -0700, Christian Huitema wrote:
> > Given that many real organizations have hundreds of front end
> > machines sharing RSA private keys, theft of RSA keys may very well be
> > much easier in many cases than broader forms of sabotage.
>
> Or we could make it easy
A level beyond marketing talk, but nowhere near technical detail. Still a bit
more than has been previously described. Links to some perhap
http://www.quora.com/Apple-Secure-Enclave/What-is-Apple%E2%80%99s-new-Secure-Enclave-and-why-is-it-important
There's a link to an ARM site with a reasonabl
On 18 Sep 2013 07:44, "Christoph Gruber" wrote:
>
> On 2013-09-17 Max Kington wrote:
>
>
> [snip]
> > Hence, store in the clear, keep safe at rest using today's archival
> > mechanism and when that starts to get dated move onto the next one
> > en-masse, for all your media not just emails.
> [snip]
>
> I
On Tue, 17 Sep 2013 23:48:40 -0700 "Christian Huitema"
wrote:
> > Given that many real organizations have hundreds of front end
> > machines sharing RSA private keys, theft of RSA keys may very
> > well be much easier in many cases than broader forms of sabotage.
>
> Or we could make it easy to h
On 2013-09-17 Max Kington wrote:
[snip]
> Hence, store in the clear, keep safe at rest using today's archival mechanism
> and when that starts to get dated move onto the next one en-masse, for all
> your media not just emails.
[snip]
I would tend to agree for environments with very high regul
On 18/09/13 00:56 AM, John Gilmore wrote:
Forwarded-By: David Farber
Forwarded-By: "Annie I. Anton Ph.D."
http://www.zdnet.com/nsa-cryptanalyst-we-too-are-americans-720689/
NSA cryptanalyst: We, too, are Americans
Speaking as a non-American, you guys have big problems concerning the
n
> Given that many real organizations have hundreds of front end
> machines sharing RSA private keys, theft of RSA keys may very well be
> much easier in many cases than broader forms of sabotage.
Or we could make it easy to have one separate RSA key per front end, signed
using the main RSA key of