--
From: Werner Koch [EMAIL PROTECTED]
You need to clarify the trust model. The OpenPGP
standard does not define any trust model at all. The
standard merely defines fatures useful to implement a
trust model.
Clarifying the trust model sounds suspiciously like
designers
Define fast - KASUMI is based heavily on MISTY1. In fact, during a fast scan of
the KASUMI spec, I couldn't see anywhere obvious where it different from MISTY1
at all. As far as I know, I'm the only person who has even tried writing fast
code for MISTY1, and the result is quite dog-slow compared
Maybe in near future the advantages of that noise produced by millions
of bots will outweigh the disadvantages?
Comments are welcome.
The noise must be made by us, the people, and directed towards leaders and
industry. Technology solutions will not fix the fundamental problems.
Joe
David Mercer wrote:
And my appologies to Ben Laurie and friends, but why after all these
years is the UI interaction in ssh almost exactly the same when
accepting a key for the first time as overriding using a different one
when it changed on the other end, whether from mitm or just a
On 12/15/05, Ben Laurie [EMAIL PROTECTED] wrote:
David Mercer wrote:
Thanks for the apology, but ... ssh is not my fault.
Sorry, crosswired openssl and openssh in my brain!
I will agree that something better than just showing you the key would
be cool. Like maybe it could be signed by
[EMAIL PROTECTED] wrote:
| | My question is, what is the layperson supposed to do, if they must
use
| | crypto and can't use an off-the-shelf product?
| |
| | When would that be the case?
| |
| | The only defensible situations I can think of in which a
| | non-crypto-specialist
James A. Donald wrote:
--
From: Werner Koch [EMAIL PROTECTED]
You need to clarify the trust model. The OpenPGP
standard does not define any trust model at all. The
standard merely defines fatures useful to implement a
trust model.
Clarifying the trust model sounds
--
From: Ben Laurie [EMAIL PROTECTED]
if the key changes in OpenSSH you can't connect until
you take positive action by deleting the old key from
the known_hosts file. This is totally different to
accepting a new key.
I will agree that something better than just