On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote:
So we need to see a Choicepoint for listening and sniffing and so
forth.
No, we really don't.
Perhaps we do - not so much as a source of hard statistical data, but
as a source of hard pain.
People making (uninformed or
Daniel Carosone [EMAIL PROTECTED] writes:
On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote:
So we need to see a Choicepoint for listening and sniffing and so
forth.
No, we really don't.
Perhaps we do - not so much as a source of hard statistical data, but
as a source of
J.A. Terranson wrote:
So, how long before someone, possibly even me, points out that all
Checkpoint software is built in Israel?
Nicely put, but I think not quite fair. From friends in financial and
other companies in the states and otherwise, I hear that Trojans are
very common there as
On Wednesday 01 June 2005 10:35, Birger Tödtmann wrote:
Am Dienstag, den 31.05.2005, 18:31 +0100 schrieb Ian G:
[...]
As an alternate hypothesis, credit cards are not
sniffed and never will be sniffed simply because
that is not economic. If you can hack a database
and lift 10,000++
On Tuesday 31 May 2005 23:43, Anne Lynn Wheeler wrote:
in most business scenarios ... the relying party has previous knowledge
and contact with the entity that they are dealing with (making the
introduction of PKI digital certificates redundant and superfluous).
Yes, this is directly what we
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter Gutmann
Sent: Tuesday, May 31, 2005 1:29 PM
In this situation, I believe that the users, through hard won
experience with computers, _correctly_ assumed this was a
false positive.
Probably not.
[SNIP text on user's
Ian G writes:
|
| In the end, the digital signature was just crypto
| candy...
|
On the one hand a digital signature should matter more
the bigger the transaction that it protects. On the
other hand, the bigger the transaction the lower the
probability that it is between strangers who
On Tuesday 31 May 2005 23:43, Perry E. Metzger wrote:
Ian G [EMAIL PROTECTED] writes:
Just on the narrow issue of data - I hope I've
addressed the other substantial points in the
other posts.
The only way we can overcome this issue is data.
You aren't going to get it. The companies that get
Hi Birger,
Nice debate!
On Wednesday 01 June 2005 13:52, Birger Tödtmann wrote:
Am Mittwoch, den 01.06.2005, 12:16 +0100 schrieb Ian G:
[...]
The point is this: you *could*
turn off SSL and it wouldn't make much difference
to actual security in the short term at least, and maybe
not
On Tuesday 31 May 2005 19:38, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Ian G writes:
On Tuesday 31 May 2005 02:17, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], James A. Donald writes:
--
PKI was designed to defeat man in the middle attacks
based on network
10 matches
Mail list logo
