Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Peter Gutmann
Russell Nelson [EMAIL PROTECTED] writes: Peter Gutmann writes: STARTTLS If Alice and Cathy both implement STARTTLS, and Beatty does not, and Beatty handles email which is ultimately sent to Cathy, then STARTTLS accomplishes nothing. If Uma and Wendy implement DomainKeys, and Violet does not,

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Dave Howe
Ed Gerck wrote: No -- DomainKeys has nothing to do with 'email cryptography'. They are S/MIME and PGP/MIME. I wouldn't say PGP/MIME (as opposed to pgp inline) was a widely enough used standard to be considered one of two options - pgp (both methods) certainly, but not pgp/mime exclusively.

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ed Gerck
Peter Gutmann wrote: The S/MIME list debated this some time ago, and decided (pretty much unanimously) against it, for two reasons. Firstly, because it adds huge ugly blobs of base64 crap to each message (and before the ECC fans leap in here, that still adds small ugly blobs of base64 crap to

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Russell Nelson
I see that you are not interested in discussing the relative merits of STARTTLS vs. DomainKeys, but instead are just trying to push STARTTLS. I hope that Perry will see through your sales job, and will return your email to you, just as he will return this one to me. -russ [Moderator's note: No

Re: A National ID

2004-06-01 Thread Dave Howe
R. A. Hettinga wrote: If we're going to move to a national identification card, we can't afford to do it badly. Now is the time to figure out how to create a card that helps identify people but doesn't rob them of a huge swath of their civil liberties in the process. Just watch how the British do

Re: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Dave Howe
R. A. Hettinga wrote: To prevent loss or theft, the data is backed up automatically and redundantly on dedicated Martus servers in Manila, Toronto, Seattle and Budapest. Nobody can read the files without access to the original user's cryptography key and password -- with the exception of

Re: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Ivan Krstic
This reminds me of a question I've been meaning to ask for a while. Has there been any research done on encryption systems which encrypt two (or n) plaintexts with n keys, producing a joint ciphertext with the property that decrypting it with key k[n] only produces the nth plaintext? In the

Library talk on cryptography begins technology series

2004-06-01 Thread R. A. Hettinga
http://www.zwire.com/site/news.cfm?newsid=11830032BRD=1091PAG=461dept_id=425695rfi=6 The Princeton Packet Library talk on cryptography begins technology series By: Jennifer Potash, Staff Writer 06/01/2004 Expert promises a nontechnical approach. No decoder rings are

Re: A National ID

2004-06-01 Thread Peter Clay
On Mon, 31 May 2004, R. A. Hettinga wrote: in most European countries, people carry national ID's as a matter of course. And pressure is mounting in America for some kind of security card. Similarly, there is a push for ID cards in the UK at the moment. See http://www.stand.org.uk/ and

Colossus reconstruction at Bletchley Park is finished.

2004-06-01 Thread Perry E. Metzger
(I had the privilege, along with a few other folks on this list, of seeing the reconstructed Colossus a couple of years ago up close while it was in an earlier phase of the work. The fact that the job is now finished is quite cool.) Return of Colossus marks D-Day By Jo Twist BBC News Online

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ian Grigg
Dave Howe wrote: Peter Gutmann wrote: It *is* happening, only it's now called STARTTLS (and if certain vendors (Micromumblemumble) didn't make it such a pain to set up certs for their MTAs but simply generated self-signed certs on install and turned it on by default, it'd be happening even

RE: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Ian Brown
This reminds me of a question I've been meaning to ask for a while. Has there been any research done on encryption systems which encrypt two (or n) plaintexts with n keys, producing a joint ciphertext with the property that decrypting it with key k[n] only produces the nth plaintext? See the

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ian Grigg
Dave Howe wrote: Ian Grigg wrote: Dave Howe wrote: TLS for SMTP is a nice, efficient way to encrypt the channel. However, it offers little or no assurance that your mail will *stay* encrypted all the way to the recipients. That's correct. But, the goal is not to secure email to the extent

Re: Software Helps Rights Groups Protect Sensitive Information

2004-06-01 Thread Mark Armbrust
At 16:08 2004-05-31 -0400, Ivan Krstic [EMAIL PROTECTED] wrote: This reminds me of a question I've been meaning to ask for a while. Has there been any research done on encryption systems which encrypt two (or n) plaintexts with n keys, producing a joint ciphertext with the property that

Re: The future of security

2004-06-01 Thread Eugen Leitl
On Mon, May 31, 2004 at 08:27:49PM -0700, bear wrote: The point of an automated web of trust is that the machine is doing the accounting for you. Does it? If there were meaningful reputation accounting You got fooled by the present tense. If there was such an architecture, I wouldn't have

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Anne Lynn Wheeler
At 10:14 PM 5/30/2004, Peter Gutmann wrote: The S/MIME list debated this some time ago, and decided (pretty much unanimously) against it, for two reasons. Firstly, because it adds huge ugly blobs of base64 crap to each message (and before the ECC fans leap in here, that still adds small ugly

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Dave Howe
Ian Grigg wrote: Dave Howe wrote: No - it means you might want to consider a system that guarantees end-to-end encryption - not just first link, then maybe if it feels like it That doesn't mean TLS is worthless - on the contrary, it adds an additional layer of both user authentication and