Re: signing all outbound email

2006-09-05 Thread Massimiliano Pala

Jon Callas wrote:


On 4 Sep 2006, at 4:13 AM, Travis H. wrote:


Has anyone created hooks in MTAs so that they automagically

[...]

Go look at http://www.dkim.org/ for many more details.


This approach is MTA-to-MTA... if you want something more MTA-to-MUA,
then you can take a look at this:

http://www.springerlink.com/content/qt219462521k1113/?p=0f0727071a8245b7b5774b729461322epi=0

Cheers,
Max



smime.p7s
Description: S/MIME Cryptographic Signature


Re: OT: SSL certificate chain problems

2007-01-25 Thread Massimiliano Pala

Hi,

you should provide the whole chain starting from the CA that issued the server
cert. Be careful, though, because you should *NOT* provide the root cert
in the chain as well.

Moreover you should use the:

SSLCertificateChainFile

not the SSLCACertificateFile (which is for client auth).

Cheers,
Max.

Travis H. wrote:

Hi,

This is not really typical of the traffic on this list, hence the OT.

I send it because I think this is one of the few places where I'll
find some people with deep understanding of SSL certs.

Recently I had an issue where Google checkout would not accept an
SSL certificate because Apache didn't present the entire hierarchy,
just the site certificate itself.  The CA was Thawte.  What Google
said was that many browsers supply missing certs as needed, but
apparently their software did not.

The fix would seem to be easy; just put the right CA root cert in the
SSLCACertFile directive. or point to the directory with SSLCACertPath.
However, I've tried over and over with various root CA certs
downloaded from Thawte, and with one intermediate CA cert, and various
combinations thereof, but with no sucess.



--

Best Regards,

Massimiliano Pala

--o
Massimiliano Pala [OpenCA Project Manager][EMAIL PROTECTED]
 [EMAIL PROTECTED]

Dartmouth Computer Science Dept   Home Phone: +1 (603) 397-3883
PKI/Trust - Office 063Work Phone: +1 (603) 646-9179
--o


smime.p7s
Description: S/MIME Cryptographic Signature


Re: Quantum Cryptography

2007-06-22 Thread Massimiliano Pala

Victor Duchovni wrote:

Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?

- Quantum Cryptography is fiction (strictly claims that it solves
  an applied problem are fiction, indisputably interesting Physics).


I do not really agree on this statement. There are ongoing projects, that
I know of, that are actually working on maximizing communication throughput
(which is currently not very good) on encrypted channels and minimizing
costs of involved equipment. AFAIK, one great advantage of quantum crypto
is in the area of key-exchange when establishing a secure communication.
I guess quantum crypto is definitely not fiction (Anyhow I do not know if
it has already been used somewhere... ).

Later,

--

Best Regards,

Massimiliano Pala

--o
Massimiliano Pala [OpenCA Project Manager][EMAIL PROTECTED]
 [EMAIL PROTECTED]

Dartmouth Computer Science Dept   Home Phone: +1 (603) 397-3883
PKI/Trust - Office 063Work Phone: +1 (603) 646-9179
--o


smime.p7s
Description: S/MIME Cryptographic Signature


Watermarking...

2010-04-20 Thread Massimiliano Pala

Hi all,

I was wondering if any of you have some pointers on the security of
watermarking. In particular I am interested in public-key or asymmetric
watermarking algorithms.

Also, do you know of any free-to-use (opensource/etc.) implementation
that can be used for research-test purposes ?

--

Best Regards,

Massimiliano Pala

--o
Massimiliano Pala [OpenCA Project Manager]   ope...@acm.org
  project.mana...@openca.org

Dartmouth Computer Science Dept   Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory  Work Phone: +1 (603) 646-8734
--o
People who think they know everything are a great annoyance to those of us
who do.
   -- Isaac Asimov

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Watermarking...

2010-04-20 Thread Massimiliano Pala

[Moderator's note: Please no top posting. --Perry]

Hello Sandy, all,

basically what I need is a library that will allow me to check for
a watermark into an image/video/etc. It could be different algorithms
for different media type - my work is not related to the algorithms
themselves.

The important issues are:
* the algorithm(s) should be based on public key (asymmetric)

* my program should be able to verify that a watermark exists and
   has been generated with a private key corresponding to a specific
   public key

* an attacker should not be able to add a watermark that my app
   would recognize as valid (ie., the verification would fail when
   using my app's public key if an attacker tries to substitute
   the watermark)

* if the watermark is removed/altered/substituted I should be able
   to detect it

* the watermark should be invisible

Do you know if/where can I find some libraries that provides me with
some implementation of one or more algorithms that satisfy my needs ?
I know there are a lot of publications about these algorithms, but
I need a usable (also if not perfect) implementation.. preferably
written in C/C++

Cheers,
Max


On 04/20/2010 09:49 AM, Sandy Harris wrote:

What are your threat model and goals for the watermarking?

Some watermarks -- like the photographer's copyright notice across
a web picture -- are designed to be extremely visible. The whole
idea is that if anyone steals the photo, everyone will know.

For other threats, you might want a watermark to be completely
invisible, perhaps even undetectable without some sort of key.

Does it need to be tamper-resistant or unremovable?




--

Best Regards,

Massimiliano Pala

--o
Massimiliano Pala [OpenCA Project Manager]   ope...@acm.org
  project.mana...@openca.org

Dartmouth Computer Science Dept   Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory  Work Phone: +1 (603) 646-8734
--o
People who think they know everything are a great annoyance to those of us
who do.
   -- Isaac Asimov

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com