Russell Nelson [EMAIL PROTECTED] writes:
Peter Gutmann writes:
STARTTLS
If Alice and Cathy both implement STARTTLS, and Beatty does not, and Beatty
handles email which is ultimately sent to Cathy, then STARTTLS accomplishes
nothing. If Uma and Wendy implement DomainKeys, and Violet does not,
Peter Gutmann wrote:
The S/MIME list debated this some time ago, and decided (pretty much
unanimously) against it, for two reasosn. Firstly, because it adds huge ugly
blobs of base64 crap to each message (and before the ECC fans leap in here,
that still adds small ugly blobs of base64 crap to
R. A. Hettinga wrote:
If we're going to move to a national identification card, we can't afford
to do it badly. Now is the time to figure out how to create a card that
helps identify people but doesn't rob them of a huge swath of their civil
liberties in the process.
Just watch how the british do
R. A. Hettinga wrote:
To prevent loss or theft, the data is backed up automatically and
redundantly on dedicated Martus servers in Manila, Toronto, Seattle and
Budapest. Nobody can read the files without access to the original user's
cryptography key and password -- with the exception of
This reminds me of a question I've been meaning to ask for a while. Has
there been any research done on encryption systems which encrypt two (or
n) plaintexts with n keys, producing a joint ciphertext with the
property that decrypting it with key k[n] only produces the nth plaintext?
In the
http://www.zwire.com/site/news.cfm?newsid=11830032BRD=1091PAG=461dept_id=425695rfi=6
NEWS SEARCH
The Princeton Packet
Library talk on cryptography begins technology series
By: Jennifer Potash , Staff Writer
06/01/2004
Expert promises a nontechnical approach.
No decoder rings are
On Mon, 31 May 2004, R. A. Hettinga wrote:
in most European countries, people carry national ID's as a matter of
course. And pressure is mounting in America for some kind of security card.
Similarly, there is a push for ID cards in the UK at the moment. See
http://www.stand.org.uk/ and
(I had the privilege, along with a few other folks on this list, of
seeing the reconstructed Colossus a couple of years ago up close while
it was in an earlier phase of the work. The fact that the job is
now finished is quite cool.)
Return of Colossus marks D-Day
By Jo Twist
BBC News Online
Dave Howe wrote:
Peter Gutmann wrote:
It *is* happening, only it's now called STARTTLS (and if certain vendors
(Micromumblemumble) didn't make it such a pain to set up certs for
their MTAs
but simply generated self-signed certs on install and turned it on by
default,
it'd be happening even
Dave Howe wrote:
Ian Grigg wrote:
Dave Howe wrote:
TLS for SMTP is a nice, efficient way to encrypt the channel.
However, it offers little or no assurance that your mail will
*stay* encrypted all the way to the recipients.
That's correct. But, the goal is not to secure email to the extent
At 16:08 2004-05-31 -0400, Ivan Krstic [EMAIL PROTECTED] wrote:
This reminds me of a question I've been meaning to ask for a while. Has
there been any research done on encryption systems which encrypt two (or
n) plaintexts with n keys, producing a joint ciphertext with the
property that
On Mon, May 31, 2004 at 08:27:49PM -0700, bear wrote:
The point of an automated web of trust is that the machine is doing the
accounting for you.
Does it? If there were meaningful reputation accounting
You got fooled by the present tense. If there was such an architecture, I
wouldn't have
At 10:14 PM 5/30/2004, Peter Gutmann wrote:
The S/MIME list debated this some time ago, and decided (pretty much
unanimously) against it, for two reasosn. Firstly, because it adds huge ugly
blobs of base64 crap to each message (and before the ECC fans leap in here,
that still adds small ugly
Ian Grigg wrote:
Dave Howe wrote:
No - it means you might want to consider a system that guarantees
end-to-end encryption - not just first link, then maybe if it feels
like it
That doesn't mean TLS is worthless - on the contrary, it adds an
additional layer of both user authentication and
14 matches
Mail list logo