Re: dual-use digital signature [EMAIL PROTECTED]

2004-07-28 Thread Peter Gutmann
Anne Lynn Wheeler [EMAIL PROTECTED] writes: the assertion here is possible threat model confusion when the same exact technology is used for two significantly different business purposes. I don't think there's any confusion about the threat model, which is Users find it too difficult to generate

Re: dual-use digital signature [EMAIL PROTECTED]

2004-07-28 Thread Peter Gutmann
Richard Levitte - VMS Whacker [EMAIL PROTECTED] writes: Peter, are you talking about generic CAs or in-corporation ones? Both. Typically what happens is that the CA generates the key and cert and mails it to the user as a PKCS #12 file, either in plaintext, with the password in the same email,

Re: dual-use digital signature vulnerability

2004-07-28 Thread Sean Smith
For what it's worth, last week, I had the chance to eat dinner with Carlisle Adams (author of the PoP RFC), and he commented that he didn't know of any CA that did PoP any other way than have the client sign part of a CRM. Clearly, this seems to contradict Peter's experience. I'd REALLY love

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-28 Thread Bill Stewart
At 03:20 AM 7/18/2004, Enzo Michelangeli wrote: Can someone explain to me how the phishermen escape identification and prosecution? Gaining online access to someone's account allows, at most, to execute wire transfers to other bank accounts: but in these days anonymous accounts are not exactly easy

Re: dual-use digital signature [EMAIL PROTECTED]

2004-07-28 Thread Ian Grigg
Peter Gutmann wrote: A depressing number of CAs generate the private key themselves and mail out to the client. This is another type of PoP, the CA knows the client has the private key because they've generated it for them. It's also cost-effective. The CA model as presented is too expensive.

Re: Humorous anti-SSL PR

2004-07-28 Thread Zooko
Eric: On 2004, Jul 15, , at 17:55, Eric Rescorla wrote: There are advantages to message-oriented security (cf. S-HTTP) but this doesn't seem like a very convincing one. Could you please elaborate on this, or refer me to a document which expresses your views? I just read [1] in search of

DES: Now 'really most sincerely dead'

2004-07-28 Thread Trei, Peter
Back in late 1996, I wrote to Jim Bidzos, proposing an RSA Challenge to break single DES by brute force computation. Later in 1997, the first DES Challenge was successfully completed. It's taken another 7 years, but NIST has finally pulled single DES as a supported mode. Favorite line: DES

DIMACS Workshop on Mobile and Wireless Security

2004-07-28 Thread Linda Casals
*** CALL FOR PAPERS *** DIMACS Workshop on Mobile and Wireless Security November 3 - 5, 2004 DIMACS Center, Rutgers University, Piscataway, NJ Organizers: Bill Arbaugh, University

DIMACS Workshop on Bounded Rationality

2004-07-28 Thread Linda Casals
DIMACS Workshop on Bounded Rationality January 31 - February 1, 2005 DIMACS Center, Rutgers University, Piscataway, NJ Organizers: Lance Fortnow, University of Chicago, [EMAIL PROTECTED] Richard

[Meetingpunks] SF Bay Area Cypherpunks August 2004 Physical Meeting Announcement

2004-07-28 Thread R. A. Hettinga
--- begin forwarded text Date: Tue, 27 Jul 2004 09:10:21 -0700 To: [EMAIL PROTECTED] From: Bill Stewart [EMAIL PROTECTED] Old-Subject: [Meetingpunks] SF Bay Area Cypherpunks August 2004 Physical Meeting Announcement Subject: [Meetingpunks] SF Bay Area Cypherpunks August 2004 Physical

RE: dual-use digital signature [EMAIL PROTECTED]

2004-07-28 Thread Michael_Heyman
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Gutmann Sent: Saturday, July 24, 2004 9:07 PM [SNIP] A depressing number of CAs generate the private key themselves and mail out to the client. Replies to this talked about business cases to have control of the private

should you trust CAs? (Re: dual-use digital signature vulnerability)

2004-07-28 Thread Adam Back
The difference is if the CA does not generate private keys, there should be only one certificate per email address, so if two are discovered in the wild the user has a transferable proof that the CA is up-to-no-good. I.e. the difference is it is detectable and provable. If the CA in normal

Re: The future of security

2004-07-28 Thread Lars Eilebrecht
According to Ed Gerck: But encryption and authentication are a hassle today, with less than 2% of all email encrypted (sorry, can't cite the source I know). Are these 2% 'only' S/MIME and PGP-encrypted email messages or is SSL-encrypted email communication included? ciao... -- Lars

Feds and Yahoo Muzzle DNC Security Whistleblower

2004-07-28 Thread R. A. Hettinga
--- begin forwarded text Date: Sun, 25 Jul 2004 14:39:14 -0700 To: [EMAIL PROTECTED] From: John Young [EMAIL PROTECTED] Subject: Feds and Yahoo Muzzle DNC Security Whistleblower Sender: [EMAIL PROTECTED] It appears that the Feds and LEA at the DNC Convention have ordered Yahoo to axe the mail

Re: should you trust CAs? (Re: dual-use digital signature vulnerability)

2004-07-28 Thread Anne Lynn Wheeler
At 12:09 PM 7/28/2004, Adam Back wrote: The difference is if the CA does not generate private keys, there should be only one certificate per email address, so if two are discovered in the wild the user has a transferable proof that the CA is up-to-no-good. I.e. the difference is it is detectable

Lost Record '02 Florida Vote Raises '04 Concern

2004-07-28 Thread R. A. Hettinga
http://www.nytimes.com/2004/07/28/politics/campaign/28vote.final.html?ei=5006en=b992e2c2cfb441c3ex=1091592000partner=ALTAVISTA1pagewanted=printposition= The New York Times July 28, 2004 Lost Record '02 Florida Vote Raises '04 Concern By ABBY GOODNOUGH MIAMI, July 27 - Almost all the electronic