Re: street prices for digital goods?

2008-09-12 Thread Peter Gutmann
Allen [EMAIL PROTECTED] writes:

I have a question about all this. There seems to be a disconnect between the
approximate prices mentioned here - too cheap to only do small transactions,
etc - and what I have seen when looking at various of the sites. Maybe I'm
missing something and you could correct my thinking.

The difference is that you're paying for service with the higher-priced
vendors (and this is something new that's only really come in in the last
couple of years).  Cheap ones are just a dump of some looted merchant database
or whatever where you may or may not get the data after paying some fly-by-
night operator and when it arrives half the cards will be invalid.  The
premium-priced ones are established vendors charging for the level of service
they provide: You get a guaranteed-good card (typically with 48- or 72-hour
replacement guarantee), you can use escrow services to guarantee delivery of
goods, you may get a tech support hotline (assuming you speak Russian), and so
on (it varies from seller to seller, obviously).  But what you're paying for
isn't really the card but the level of service that comes with it.

Peter.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


NIST has posted public comments on XTS-AES

2008-09-12 Thread Matt Ball
Hi Folks,

NIST has completed the 90-day public review of the proposal from IEEE
1619 to add XTS-AES as an Approved Mode of Operation under FIPS 140.

XTS-AES provides a narrow-block tweakable block cipher based on the
XEX construction proposed by Phillip Rogaway.

See the following link for comments, under the section Comments On
The Proposal To Approve XTS-AES:
http://csrc.nist.gov/groups/ST/toolkit/BCM/comments.html

NIST received comments from the following individuals:
* Moses Liskov, Kazuhiko Minematsu:
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/XTS/XTS_comments-Liskov_Minematsu.pdf
* Seagate Technology:
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/XTS/XTS_comments-Seagate.pdf
* Matt Ball: 
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/XTS/XTS_comments-Ball.pdf
* Collected comments:
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/XTS/collected_XTS_comments.pdf
 - Boaz Shahar
 - David Clunie
 - Rich Shroeppel
 - Phillip Rogaway
 - Vijay Bharadwaj, Neils Ferguson

Based on these comments, NIST will decide whether or not to approve
XTS for FIPS 140-2/140-3.

--
Thanks!
-Matt

Matt Ball, IEEE P1619.x SISWG Chair
Cell: 303-717-2717
http://www.linkedin.com/in/matthewvball
http://www.mavaball.net/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]