Re: Five Theses on Security Protocols

2010-08-01 Thread Guus Sliepen
/ with kind regards, Guus Sliepen g...@sliepen.org signature.asc Description: Digital signature

Re: Gutmann Soundwave Therapy

2008-02-01 Thread Guus Sliepen
On Thu, Jan 31, 2008 at 03:46:47PM -0500, Thor Lancelot Simon wrote: On Thu, Jan 31, 2008 at 04:07:03PM +0100, Guus Sliepen wrote: Peter sent us his write-up up via private email a few days before he posted it to this list (which got it on Slashdot). I had little time to think about

Re: Gutmann Soundwave Therapy

2008-01-31 Thread Guus Sliepen
have a web of trust, but how do you make use of it in an automated way? I expect that the next round of penis-shaped soundwave therapy will not be focussed on whether or not an application uses SSL, but on how it (mis)uses SSL. -- Met vriendelijke groet / with kind regards, Guus Sliepen

Re: World's most powerful supercomputer goes online

2007-09-02 Thread Guus Sliepen
, or modify the software to allow explicit deletion of certain information. With more that 1 million nodes it will be even harder to delete data. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: long-term GPG signing key

2006-01-17 Thread Guus Sliepen
On Sat, Jan 14, 2006 at 12:30:25PM -0700, Anne Lynn Wheeler wrote: Guus Sliepen wrote: By default, GPG creates a signing key and an encryption key. The signing key is used both for signing other keys (including self-signing your own keys), and for signing documents (like emails). However

Re: long-term GPG signing key

2006-01-13 Thread Guus Sliepen
. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: The future of security

2004-05-31 Thread Guus Sliepen
trust paths out of the box, I think PGP's web of trust model would be used a lot more. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Guus Sliepen
that support it, and although some platforms already have some support for it in their kernels, I don't think it's possible to write a user space application using SCTP yet. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: Simple SSL/TLS - Some Questions

2003-10-03 Thread Guus Sliepen
of turning it into C later if necessary ... but if majority opinion says otherwise I'll reconsider. Well as long as your library has a decent C interface, I wouldn't mind if it was written in C, C++, Haskell or something even stranger. -- Met vriendelijke groet / with kind regards, Guus Sliepen

Re: Monoculture

2003-10-01 Thread Guus Sliepen
/ with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: New authentication protocol, was Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-30 Thread Guus Sliepen
. Please don't bother arguing about this. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: New authentication protocol, was Re: Tinc's response to 'Linux's answer to MS-PPTP'

2003-09-30 Thread Guus Sliepen
. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: New authentication protocol, was Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-29 Thread Guus Sliepen
the point of signing instead of encrypting. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Re: New authentication protocol, was Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-29 Thread Guus Sliepen
On Mon, Sep 29, 2003 at 05:57:46PM +0200, Guus Sliepen wrote: Now, the attacker chooses 0 as his DH public. This makes ZZ always equal to zero, no matter what the peer's DH key is. I think you mean it is equal to 1 (X^0 is always 1). Whoops, stupid me. Please ignore that. -- Met

Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-28 Thread Guus Sliepen
step. I expect this is a reference to Why TCP Over TCP Is A Bad Idea http://sites.inka.de/~bigred/devel/tcp-tcp.html Yes. If Guus Sliepen and Ivo Timmermans are willing to seriously rethink their high tolerance for unncessary weakness, I think tinc 2.0 could end up being a secure piece

Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-27 Thread Guus Sliepen
design the current protocol as a replacement of SSL. In fact we replaced something that was worse than the current protocol. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature

Tinc's response to Linux's answer to MS-PPTP

2003-09-26 Thread Guus Sliepen
as secure as anything else. Comments are welcome. -- Met vriendelijke groet / with kind regards, Guus Sliepen [EMAIL PROTECTED] signature.asc Description: Digital signature