Re: Security of Mac Keychain, Filevault

2009-11-03 Thread Taral
On Mon, Nov 2, 2009 at 5:41 PM, Jerry Leichter wrote: The trend is for this to get worse, with network-wide shared authentication via OpenID or whatever other standard catches on. Not to derail this, but OpenID is flexible enough to permit fine-grained authentication as well

Re: Truncating SHA2 hashes vs shortening a MAC for ZFS Crypto

2009-11-03 Thread David-Sarah Hopwood
Zooko Wilcox-O'Hearn wrote: Dear Darren J Moffat: I don't understand why you need a MAC when you already have the hash of the ciphertext. Does it have something to do with the fact that the checksum is non-cryptographic by default ( ),