Re: Looking through a modulo operation

2008-07-23 Thread lists
Matt Ball matt.ball ieee.org wrote Here is a C implementation of __random32: typedef unsigned long u32; struct rnd_state { u32 s1, s2, s3; }; static u32 __random32(struct rnd_state *state) { #define TAUSWORTHE(s,a,b,c,d) ((sc)d) ^ (((s a) ^ s)b) state-s1 = TAUSWORTHE(state-s1, 13,

Re: how to check if your ISP's DNS servers are safe

2008-07-23 Thread Steven M. Bellovin
On Tue, 22 Jul 2008 10:21:14 -0400 Perry E. Metzger [EMAIL PROTECTED] wrote: Niels Provos has a web page up with some javascript that automatically checks if your DNS caching server has been properly patched or not. http://www.provos.org/index.php?/pages/dnstest.html It is worth telling

Re: how to check if your ISP's DNS servers are safe

2008-07-23 Thread John Denker
On 07/23/2008 12:44 AM, Steven M. Bellovin wrote: Niels Provos has a web page up with some javascript that automatically checks if your DNS caching server has been properly patched or not. http://www.provos.org/index.php?/pages/dnstest.html It is worth telling people to try. Those who

The PKC-only application security model ...

2008-07-23 Thread Thierry Moreau
Dear all: This is a two-fold announcement, big picture and specific document announcement. The whole thing is for your information as security experts. A) The big picture refers to the PKC-only application security scheme, in which client-server applications may be secured with client-side

Re: The PKC-only application security model ...

2008-07-23 Thread Anne Lynn Wheeler
Thierry Moreau wrote: A)The big picture refers to the PKC-only application security scheme, in which client-server applications may be secured with client-side public key pairs, but *no trusted certification authority* is involved (server operators are expected to maintain a trusted

Re: The PKC-only application security model ...

2008-07-23 Thread Thierry Moreau
Anne Lynn Wheeler wrote about various flavors of certificateless public key operation in various standards, notably in the financial industry. Thanks for reporting those. No doubt that certificateless public key operation is neither new nor absence from today's scene. The document I