--- begin forwarded text
From: ECC 2004 <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: ECC 04 <[EMAIL PROTECTED]>
Subject: ECC 2004
Date: Tue, 27 Jul 2004 18:15:49 +0200
=
---
Hi Adam,
> The difference is if the CA does not generate private keys, there
> should be only one certificate per email address, so if two are
> discovered in the wild the user has a transferable proof that the CA
> is up-to-no-good. Ie the difference is it is detectable and provable.
As far as
For those who haven't seen the announcement:
-- Snip --
July 27, 2004 -- NIST has determined that the strength of the (single) Data
Encryption Standard (DES) algorithm is no longer sufficient to adequately
protect Federal government information. As a result, NIST proposes
withdrawing FIPS 46-3, w
<[EMAIL PROTECTED]> writes:
><2 cents>In the business cases pointed out where it is good that the multiple
>parties hold the private key, I feel the certificate should indicate that
>there are multiple parties so that Bob can realize he is having authenticated
>and private communications with Alic
Email end-to-end: PGP, PGP/MIME, S/MIME. Not tunnel SSL or SSL
at the end points.
Lars Eilebrecht wrote:
According to Ed Gerck:
But encryption and authentication are a hassle today, with less
than 2% of all email encrypted (sorry, can't cite the source I know).
Are these 2% 'only' S/MIME and PGP-