Perry E. Metzger wrote:
I've noted to others on this before that for an application like
the IP fragmentation id, it might be even better if no repeats
occurred in any block of 2^31 (n being 32) but the sequence did not
repeat itself (or at least could be harmlessly reseeded at very very
long
At 03:01 AM 9/7/2003 -0400, Ian Grigg wrote:
Reputedly, chargeback rates and fees in the fringe
industries - adult for example - can reach 50%. But,
instead of denying those uses of the card - hygiene -
issuers have encouraged it (...until recently. There is
now a movement, over the last year,
http://www.israel21c.org/bin/en.jsp?enPage=BlankPageenDisplay=viewenDispWhat=objectenDispWho=Articles%5El496enZone=TechnologyenVersion=0;
Israel21c
Code breakers crack GSM cellphone encryption
By ISRAEL21c staffSeptember 07, 2003
The faults discovered in the 850 million cellphones could
Eric Rescorla wrote:
Incidentally, when designing SHTTP we envisioned that credit
transactions would be done with signatures. I would say that
the Netscape guys were right in believing that confidentiality
for the CC number was good enough.
I don't think so. One of the things I'm running into
Eric Rescorla wrote:
Ian Grigg [EMAIL PROTECTED] writes:
Eric Rescorla wrote:
...
The other thing to be aware of is that ecommerce itself
is being stinted badly by the server and browser limits.
There's little doubt that because servers and browsers
made poorly contrived
Ed,
I've left your entire email here, because it needs to
be re-read several times. Understanding it is key to
developing protocols for security.
Ed Gerck wrote:
Arguments such as we don't want to reduce the fraud level because
it would cost more to reduce the fraud than the fraud costs are
Ian Grigg [EMAIL PROTECTED] writes:
Eric Rescorla wrote:
Ian Grigg [EMAIL PROTECTED] writes:
Eric Rescorla wrote:
...
The other thing to be aware of is that ecommerce itself
is being stinted badly by the server and browser limits.
There's little doubt that because
James A. Donald [EMAIL PROTECTED] writes:
--
On 7 Sep 2003 at 9:48, Eric Rescorla wrote:
It seems to me that your issue is with the authentication
model enforced by browsers in the HTTPS context, not with SSL
proper.
To the extent that trust information is centrally handled, as
It's nice to see someone 'discovering' what Lucky Green already figured-out
years ago. I wonder if they'll cut him a check.
-JD, II
Also sprach R. A. Hettinga aka [EMAIL PROTECTED] on 07.9.03 14:32 :
http://www.israel21c.org/bin/en.jsp?enPage=BlankPageenDisplay=viewenDispWha
At 09:44 AM 9/7/2003 -0700, Eric Rescorla wrote:
Incidentally, when designing SHTTP we envisioned that credit
transactions would be done with signatures. I would say that
the Netscape guys were right in believing that confidentiality
for the CC number was good enough.
actually was supposedly no
At 12:30 PM 9/7/2003 -0700, James A. Donald wrote:
To the extent that trust information is centrally handled, as
it is handled by browsers, it will tend to be applied in ways
that benefit the state and the central authority. Observe for
example that today all individual certificates must be
At 03:32 PM 9/7/03 -0400, R. A. Hettinga wrote:
If the cellphone companies in 197 countries want to correct the code errors
that expose them to trickery and abuse, they will have to call in each
customer to make a change in the cellphone's programming, or replace all of
the cellular phones used by
Ian Grigg wrote:
Pretty much. Trust in the certificate world means that
a CA has authorised a web server to conduct crypto stuff.
and James Donald and Lynn Wheeler also brought up the issues
of who's certifying what, True Names, etc.
SSL certs are really addressing (I won't say solving, exactly)
Eric Rescorla wrote:
Elasticity is about how much consumption changes when price
changes, not about what people who were already going to buy
choose to buy.
Sorry, Eric, I'm not quite with you on this...
You said:
Maybe, maybe not. You've never heard of price inelasticity?
You haven't
--
At 12:30 PM 9/7/2003 -0700, James A. Donald wrote:
To the extent that trust information is centrally handled,
as it is handled by browsers, it will tend to be applied in
ways that benefit the state and the central authority
On 7 Sep 2003 at 17:19, Anne Lynn Wheeler wrote:
Out of
15 matches
Mail list logo