an increase of fraud
and financial loss.
So in some cases anything less than a whole loaf, which you can't guarantee
for N years of time, isn't 'good enough.' In other words, we are screwed no
matter what.
-David Mercer
--
David Mercer - http://dmercer.tumblr.com
IM: AIM: M
Thursday, October 10, 2013, Phillip Hallam-Baker wrote:
>
> [Can't link to FIPS180-4 right now as its down]
>
For the lazy among us, including my future self, a shutdown-proof url to
the archive.org copy of the NIST FIPS 180-4 pdf:
http://tinyurl.com/FIPS180-4
-David Mercer
ering the domain objectdns.com.
Things stalled out there due to my lack of copious free time.
David Mercer - http://dmercer.tumblr.com
IM: AIM: MathHippy Yahoo/MSN: n0tmusic
Facebook/Twitter/Google+/Linkedin: radix42
FAX: +1-801-877-4351 - BlackBerry PIN: 332004F7
fixed
there. Don't trust seeds you didn't generate. Think about Amazon AWS
instances all spinning up on demand with the exact same init code and prng
seed (this example is not the ones i dealt with, butnis perhaps a larger
problem). You always have a window after startup where you can predict
ations that need to prove that things weren't
altered (or to be able to audit when they are). It is of course quite
a lot more expensive to do things that way compared to how the typical
IT shop does things.
-David Mercer
-
onditioned to ignore them or click on Ok in general, that that itself
was not the biggest barrier to their (potential) future wide
deployment, at least not in relation to other UI issues for their use.
-David Mercer
Tucson, AZ
--
but these ssl examples are directly cut and pasted from
live ssl sessions. What a mess, and again, holy water indeed!
Ciao,
-David Mercer
Tucson, AZ
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
On 12/15/05, Ben Laurie <[EMAIL PROTECTED]> wrote:
> David Mercer wrote:
> Thanks for the apology, but ... ssh is not my fault.
Sorry, crosswired openssl and openssh in my brain!
> I will agree that something better than just showing you the key would
> be cool. Like maybe it
(Hopefully this is sent as ascii, as I had previously set my gmail to
send in utf-8 encoding, as I often send email in french as well as
english. -djm)
On 12/11/05, James A. Donald <[EMAIL PROTECTED]> wrote:
> It is not my position that inability to sign means that
> the chairman of the board is s
