credit card threat model

2003-10-08 Thread Ian Grigg
Anne Lynn Wheeler wrote: what i said was that it was specifying a simplified SSL/TLS based on the business requirements for the primary use of SSL/TLS as opposed to a simplified SSL/TLS based on the existing technical specifications and existing implementations. I totally agree that

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-08 Thread Arcane Jill
Okay, okay. I've got the message. I give in. The toolkit will be distributed with the most generous, most liberal license possible. This means that (basically) anyone can do pretty much anything with it, including release binaries compiled with it. I'm happy with this decision. It means that

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-08 Thread Peter Gutmann
Rich Salz [EMAIL PROTECTED] writes: I think that rather than spending time on deciding what to call this library that is to-be-written, and how to license this library that is to-be-written, that time should be spent on, well, writing it. :) I would add to this the observation that rather than

Re: NCipher Takes Hardware Security To Network Level

2003-10-08 Thread Peter Gutmann
I wrote: Peter (I define myself to be A BIT CYNICAL about all this). Since it could appear that I'm gratuitously bashing FIPS 140 (or certification processes in general) here, I should clarify: As with all attempts at one- size-fits-all solutions, one size doesn't quite fit all. You can break

RFID Privacy Workshop @ MIT - November 15th

2003-10-08 Thread R. A. Hettinga
--- begin forwarded text Status: U Date: Tue, 7 Oct 2003 23:51:03 -0400 (EDT) To: R.A. [EMAIL PROTECTED] From: Simson L. Garfinkel, RFID Privacy Workshop Chair [EMAIL PROTECTED] Subject: RFID Privacy Workshop @ MIT - November 15th Dear Workshop Registrant, Thank you for registering for the

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-08 Thread Jill Ramonsky
Too late. I've already started. Besides which, posts on this group suggest that there is a demand for such a toolkit. Also, I have a lot of interest in SSL/TLS, and no interest whatsoever in IPsec. I believe I am a competent programmer, but the fact is, if you want me to write something in my

Re: anonymity +- credentials

2003-10-08 Thread Ian Grigg
Anton Stiglic wrote: - Original Message - From: Ian Grigg [EMAIL PROTECTED] [...] In terms of actual practical systems, ones that implement to Brands' level don't exist, as far as I know? There were however several projects that implemented and tested the credentials

Re: [e-lang] Re: Protocol implementation errors

2003-10-08 Thread Ben Laurie
Peter Gutmann wrote: Ben Laurie [EMAIL PROTECTED] writes: Peter Gutmann wrote: ASN.1 has a *reputation* of being notoriously hard to parse, gained chiefly from some early bad experiences with OSI work (which would give anything a reputation of being hard to work with :-). I've implemented,

Mobs Turn Net into Money Machine

2003-10-08 Thread R. A. Hettinga
--- begin forwarded text Status: U Date: Wed, 8 Oct 2003 14:10:52 -0400 To: Philodox Clips [EMAIL PROTECTED] From: R. A. Hettinga [EMAIL PROTECTED] Subject: Mobs Turn Net into Money Machine Reply-To: Philodox Clips [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL

Digital ID Forum News

2003-10-08 Thread R. A. Hettinga
--- begin forwarded text Status: U User-Agent: Microsoft-Entourage/10.1.4.030702.0 Date: Wed, 08 Oct 2003 15:09:10 +0100 Subject: Digital ID Forum News From: Dave Birch [EMAIL PROTECTED] To: Bob Hettinga [EMAIL PROTECTED] Bob, Can you repost in the usual relevant place -- many thanks...

Re: [dgc.chat] EU directive could spark patent war

2003-10-08 Thread Ian Grigg
Steve Schear wrote: [I wonder what if any effect this might have on crypto patents, e.g., Chaumian blinding?] My guess is, nix, nada. Patents are a red herring in the blinding skirmishes, they became a convenient excuse and a point to place the flag when rallying the troops. The battle was