Re: Disk encryption advice...

2010-10-08 Thread Victor Duchovni
On Fri, Oct 08, 2010 at 04:27:57PM -0400, Perry E. Metzger wrote: I have a client with the following problem. They would like to encrypt all of their Windows workstation drives, but if they do that, the machines require manual intervention to enter a key on every reboot. Why is this a

Re: Formal notice given of rearrangement of deck chairs on RMS PKItanic

2010-10-06 Thread Victor Duchovni
On Wed, Oct 06, 2010 at 04:52:46PM +1300, Peter Gutmann wrote: From https://wiki.mozilla.org/CA:MD5and1024: December 31, 2010 - CAs should stop issuing intermediate and end-entity certificates from roots with RSA key sizes smaller than 2048 bits [0]. All CAs should stop issuing

Re: Randomness, Quantum Mechanics - and Cryptography

2010-09-08 Thread Victor Duchovni
On Tue, Sep 07, 2010 at 10:22:57PM -0400, Jerry Leichter wrote: But there isn't actually such a thing as classical thermodynamical randomness! Classical physics is fully deterministic. Thermodynamics uses a probabilistic model as a way to deal with situations where the necessary

Re: What's the state of the art in factorization?

2010-04-21 Thread Victor Duchovni
On Tue, Apr 20, 2010 at 08:58:25PM -0400, Thierry Moreau wrote: The DNS root may be qualified as a high valued zone, but I made the effort to put in writing some elements of a risk analysis (I have an aversion for this notion as I build *IT*controls* and the consultants are hired to

Re: Crypto dongles to secure online transactions

2009-11-17 Thread Victor Duchovni
On Tue, Nov 17, 2009 at 01:35:12AM -, John Levine wrote: So should or should not an embedded system have a remote management interface? In this case, heck, no. The whole point of this thing is that it is NOT remotely programmable to keep malware out. Which is perhaps why it is not a

Re: TLS break

2009-11-16 Thread Victor Duchovni
On Wed, Nov 11, 2009 at 10:57:04AM -0500, Jonathan Katz wrote: Anyone care to give a layman's explanation of the attack? The explanations I have seen assume a detailed knowledge of the way TLS/SSL handle re-negotiation, The re-negotiation handshake does not *commit* both parties in the new

Re: TLS break

2009-11-10 Thread Victor Duchovni
On Sun, Nov 08, 2009 at 01:08:54PM -0500, Perry E. Metzger wrote: I'll point out that in the midst of several current discussions, the news of the TLS protocol bug has gone almost unnoticed, even though it is by far the most interesting news of recent months. Not entirely unnoticed:

Re: Possibly questionable security decisions in DNS root management

2009-10-20 Thread Victor Duchovni
On Sat, Oct 17, 2009 at 02:23:25AM -0700, John Gilmore wrote: Given that they are attempted to optimize for minimal packet size, the choice of RSA for signatures actually seems quite bizarre. Each of these records is cached on the client side, with a very long timeout (e.g. at least a

Re: Question about Shamir secret sharing scheme

2009-10-04 Thread Victor Duchovni
in 1979. An algorithm is not the same as an implementation. There was no Java back then either, and people still somehow wrote working code in '79. -- /\ ASCII RIBBON NOTICE: If received in error, \ / CAMPAIGN Victor Duchovni please destroy and notify X AGAINST IT Security

Re: Merry Certmas! CN=*\x00thoughtcrime.noisebridge.net

2009-09-30 Thread Victor Duchovni
On Tue, Sep 29, 2009 at 10:51:33PM -0700, Jacob Appelbaum wrote: It's been long enough that everyone should be patched for this awesome class of bugs. This certificate and corresponding private key should help people test fairly obscure software or software they've written themselves. I hope

Re: password safes for mac

2009-07-01 Thread Victor Duchovni
On Wed, Jul 01, 2009 at 11:03:13AM -0400, Adam Shostack wrote: On Tue, Jun 30, 2009 at 11:26:06AM -0500, Nicolas Williams wrote: | On Mon, Jun 29, 2009 at 11:29:48PM -0700, Jacob Appelbaum wrote: | This would be great if LoginWindow.app didn't store your unencrypted | login and password in

Re: Factoring attack against RSA based on Pollard's Rho

2009-06-07 Thread Victor Duchovni
On Fri, Jun 05, 2009 at 08:07:21PM -0700, Greg Perry wrote: I have published a unique factoring method related to Pollard's Rho that is published here: http://blog.liveammo.com/2009/06/factoring-fun/ Several aspects of the RSA encryption algorithm can be attacked: attacks against

Re: Factoring attack against RSA based on Pollard's Rho

2009-06-07 Thread Victor Duchovni
On Sun, Jun 07, 2009 at 05:10:30PM +0100, Ben Laurie wrote: Paul Hoffman wrote: At 8:07 PM -0700 6/5/09, Greg Perry wrote: Greetings list members, I have published a unique factoring method related to Pollard's Rho that is published here:

Re: Factoring attack against RSA based on Pollard's Rho

2009-06-07 Thread Victor Duchovni
On Sun, Jun 07, 2009 at 05:41:00PM -0700, Greg Perry wrote: The significance of this method is the ability to determine any properties of p and q from a simple operation to n. To be blunt, I see no significance of any kind... You have observed that unless N is divisible by 3, p and q are both

Re: Warning! New cryptographic modes!

2009-05-11 Thread Victor Duchovni
On Mon, May 11, 2009 at 02:16:45PM -0400, Roland Dowdeswell wrote: In any case, there are obvious, well-understood solutions here: Use counter mode, which propagates changes by a single block of the cryptosystem. Or use any other stream cipher mode. (An interesting question is

Re: SHA-1 collisions now at 2^{52}?

2009-05-01 Thread Victor Duchovni
On Thu, Apr 30, 2009 at 11:07:31PM -0400, Perry E. Metzger wrote: Greg Rose g...@qualcomm.com writes: This is a very important result. The need to transition from SHA-1 is no longer theoretical. It already wasn't theoretical... if you know what I mean. The writing has been on the

Re: MD5 considered harmful today, SHA-1 considered harmful tomorrow

2009-01-23 Thread Victor Duchovni
was used: 0.9.2b is 0x0922.) * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ #define OPENSSL_VERSION_NUMBER 0x0090809fL

Re: MD5 considered harmful today, SHA-1 considered harmful tomorrow

2009-01-20 Thread Victor Duchovni
On Mon, Jan 19, 2009 at 10:45:55AM +0100, Bodo Moeller wrote: The RFC does exit (TLS 1.2 in RFC 5246 from August 2008 makes SHA-256 mandatory), so you can send a SHA-256 certificate to clients that indicate they support TLS 1.2 or later. You'd still need some other certificate for

Re: MD5 considered harmful today, SHA-1 considered harmful tomorrow

2009-01-11 Thread Victor Duchovni
well after 2010. New applications written in 2010 will ideally support SHA-2, but SHA-1 will probably still be the default digest in many applications through 2013 or 2015.

Re: MD5 considered harmful today, SHA-1 considered harmful tomorrow

2009-01-10 Thread Victor Duchovni
On Thu, Jan 08, 2009 at 06:23:47PM -0600, Dustin D. Trammell wrote: Nearly everything I've seen regarding the proposed solutions to this attack have involved migration to SHA-1. SHA-1 is scheduled to be decertified by NIST in 2010, and NIST has already recommended[1] moving away from SHA-1

Re: AES HDD encryption was XOR

2008-12-09 Thread Victor Duchovni
On Mon, Dec 08, 2008 at 08:53:18PM -0800, Jon Callas wrote: In the NBC TV episode of /Chuck/ a couple of weeks ago, the NSA cracked a 512-bit AES cipher on a flash drive trying every possible key. Could be hours, could be days. (Only minutes in TV land.)

TLS Server Name Indication and IDNA?

2008-10-24 Thread Victor Duchovni
I am considering adding TLS Server Name Indication support in the Postfix SMTP server and client. I am puzzled by the exceedingly terse description of the semantics of the HostName sent in the SNI extension: http://tools.ietf.org/html/rfc4366#section-3.1 If the hostname labels

Re: RSA modulus record

2008-09-16 Thread Victor Duchovni
On Tue, Sep 16, 2008 at 09:01:51PM +0200, Weger, B.M.M. de wrote: There's a new biggest known RSA modulus. It is (in hexadecimal notation): FF...(total of 9289166 F's)...FFDFF...(total of 1488985 F's)...FF800...(total of 9289165 0's)...001 It is guaranteed to be the product of two

Re: Looking through a modulo operation

2008-07-21 Thread Victor Duchovni
satisfies: x_96 = c_95 * x_95 + c_94 * x_94 ... + c_0 for the same coefficients.

Re: Looking through a modulo operation

2008-07-21 Thread Victor Duchovni
On Mon, Jul 21, 2008 at 12:03:50PM -0400, Victor Duchovni wrote: On Sun, Jul 20, 2008 at 04:14:33PM -0600, Matt Ball wrote: From a little bit of off-line discussion, I think I've got a restatement of the problem that is more suitable to those with a stronger programming background than

Re: Kaminsky finds DNS exploit

2008-07-09 Thread Victor Duchovni
specifically the second paragraph that mentions the Birthday Attack. The assumptions of that paragraph can be relaxed in a natural way to broaden the scope of the attack.

Re: Permanent Privacy - Snake Oil or unbreakable encryption?

2008-07-07 Thread Victor Duchovni
/story/hackers-hell-privacy-compromised/ This reads like a pump'n'dump stock scam.

Re: Secure voice?

2008-07-06 Thread Victor Duchovni
On Fri, Jul 04, 2008 at 04:04:11PM -0700, Allen wrote: Interesting tidbit: http://www.epaynews.com/index.cgi?survey=ref=browsef=viewid=121516308313743148197block= Nick Ogden, a Briton who launched one of the world's first e-commerce processors in 1994, has developed a system for

Re: Protection mail at rest

2008-06-04 Thread Victor Duchovni
On Tue, Jun 03, 2008 at 04:37:20PM -0400, Eric Cronin wrote: On Jun 3, 2008, at 11:51 AM, Adam Aviv wrote: Depending on the level of protection you want, you could just add a script to your .forward to encrypt your email before delivery using PGP/GPG. However, this will leave the headers

Re: Protection mail at rest

2008-06-01 Thread Victor Duchovni
mature offerings any time soon. We'd have to build a boutique service for cipher-punks.

Re: RIM to give in to GAK in India

2008-05-31 Thread Victor Duchovni
the current KEK. There is not in practice any need for a PKI in this context, it looks rather a lot more like Kerberos than PKI.

Re: RIM to give in to GAK in India

2008-05-30 Thread Victor Duchovni
On Thu, May 29, 2008 at 10:05:17AM -0400, Derek Atkins wrote: Arshad Noor [EMAIL PROTECTED] writes: Even if RIM does not have the device keys, in order to share encrypted data with applications on the RIM server, the device must share a session key with the server; must it not? Isn't

Re: RIM to give in to GAK in India

2008-05-27 Thread Victor Duchovni
On Tue, May 27, 2008 at 08:08:11PM +0100, Dave Korn wrote: Well spotted. Yes, I guess that's what Jim Youll was asking. And I should have said seemingly-contradictory. This is, of course, what I meant by marketeering: when someone asks if your service is insecure and interceptable, you

Re: The perils of security tools

2008-05-22 Thread Victor Duchovni
On Tue, May 13, 2008 at 02:10:45PM +0100, Ben Laurie wrote: [Moderator's note: A quick reminder: please use ASCII except if you need Unicode to spell your name right. Microsoft's proprietary quote marks are not a standard and don't look right on non-Microsoft displays. I edited them out of

Re: User interface, security, and simplicity

2008-05-07 Thread Victor Duchovni
in (realistic) bounded memory (no fork: out of memory).

Re: User interface, security, and simplicity

2008-05-06 Thread Victor Duchovni
On Sun, May 04, 2008 at 10:24:13PM -0400, Thor Lancelot Simon wrote: I believe that those who supply security products have a responsibility to consider the knowledge, experience, and tendencies of their likely users to the greatest extent to which they're able, and supply products which will

Re: User interface, security, and simplicity

2008-05-06 Thread Victor Duchovni
On Tue, May 06, 2008 at 11:40:53AM -0700, David Wagner wrote: - With the upcoming EECDH support, users don't choose curves directly, they again choose a security grade, and the corresponding curves are configurable via parameters they are not expected to ever look at or modify.

Re: SSL and Malicious Hardware/Software

2008-04-29 Thread Victor Duchovni
of privacy at work vary by jurisdiction and industry. In the US, and say in the financial services industry, any such expectations are groundless (IANAL).

Re: Cruising the stacks and finding stuff

2008-04-21 Thread Victor Duchovni
crack a cipher with ~95 bits security, the estimate is grossly wrong. If (generously) A5 is 64 bits of work, AES is ~20 orders of magnitude stronger.

Re: how to read information from RFID equipped credit cards

2008-04-02 Thread Victor Duchovni
On Tue, Apr 01, 2008 at 12:47:45AM +1300, Peter Gutmann wrote: Actually there are already companies doing something like this Which ones do you think are doing a decent job of this? but they've run into a problem that no-one has ever considered so far: The GTCYM needs a (relatively)

Re: [p2p-hackers] convergent encryption reconsidered

2008-03-31 Thread Victor Duchovni
On Sun, Mar 30, 2008 at 05:13:07PM -0400, Ivan Krstić wrote: That's a brute force search. If your convergence key, instead of being a simple file hash, is obtained through a deterministic but computationally expensive function such as PBKDF2 (or the OpenBSD bcrypt, etc), then step 3

Re: TLS-SRP TLS-PSK support in browsers (Re: Dutch Transport Card Broken)

2008-02-09 Thread Victor Duchovni
On Thu, Feb 07, 2008 at 08:47:20PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: While Firefox should ideally be developing and testing PSK now, without stable libraries to use in servers and browsers, we can't yet expect anything to be released. Is that the FF

Re: Fixing SSL (was Re: Dutch Transport Card Broken)

2008-02-09 Thread Victor Duchovni
and rather minimally documented. The interfaces are not portable between browsers, ... It's a mess.

Re: TLS-SRP TLS-PSK support in browsers (Re: Dutch Transport Card Broken)

2008-02-06 Thread Victor Duchovni
Firefox should ideally be developing and testing PSK now, without stable libraries to use in servers and browsers, we can't yet expect anything to be released.

Re: Dutch Transport Card Broken

2008-02-01 Thread Victor Duchovni
On Fri, Feb 01, 2008 at 01:15:09PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: Jumping in late, but the idea that *TCP* (and not TLS protocol design) adds round-trips to SSL warrants some evidence (it is very temping to express this skepticism more bluntly

Re: Dutch Transport Card Broken

2008-01-31 Thread Victor Duchovni
is not the answer. Otherwise, claiming that SSL is less efficient over TCP smacks of arrogance.

Re: Dutch Transport Card Broken

2008-01-31 Thread Victor Duchovni
On Thu, Jan 31, 2008 at 02:28:30PM -0500, Anne Lynn Wheeler wrote: TCP requires minimum of seven message exchange for reliable transport VMTP (rfc 1045) got that down to minimum of five messages, and XTP then got it down to three messages minimum for reliable transport (disclaimer we

Re: SSL/TLS and port 587

2008-01-23 Thread Victor Duchovni
#smtpd_tls_auth_only http://www.postfix.org/postconf.5.html#smtp_sasl_tls_security_options which is highly suggestive of using TLS to protect plain-text passwords in flight.

Re: crypto class design

2007-12-19 Thread Victor Duchovni
, and training can be based around the approaches taken in the show-case systems. When I hear developers demanding security APIs I pretend to be deaf...

Re: Scare tactic?

2007-09-20 Thread Victor Duchovni

Re: Neal Koblitz critiques modern cryptography.

2007-09-04 Thread Victor Duchovni

Re: Quantum Cryptography

2007-06-26 Thread Victor Duchovni
, but if I were a budget director I would spend the money elsewhere... I am most curious as to the legal issue that came up regarding QKD. Indeed, what was the legal question that got us here?

Re: Quantum Cryptography

2007-06-22 Thread Victor Duchovni
MITM (just as plausible IMHO with fixed circuits as passive eavesdropping)? Once QKD is augmented with authentication to address MITM, the Q seems entirely irrelevant.

Re: Quantum Cryptography

2007-06-22 Thread Victor Duchovni
interactions with the fake terminal. Is the system still secure? Likely not, I would bet. The threat model was card forgery, not MITM.

Re: Quantum Cryptography

2007-06-22 Thread Victor Duchovni
(charitably) fiction.

Re: Blackberries insecure?

2007-06-21 Thread Victor Duchovni

Re: wrt Network Endpoint Assessment

2007-06-21 Thread Victor Duchovni

Re: Quantum Cryptography

2007-06-21 Thread Victor Duchovni

Re: 307 digit number factored

2007-05-24 Thread Victor Duchovni
On Wed, May 23, 2007 at 06:34:26PM +0200, Florian Weimer wrote: * Victor Duchovni: That's good of you not to expect it, given that zero of the major CAs seem to support ECC certs today, and even if they did, those certs would not work in IE on XP. We are not talking about this year

Re: 307 digit number factored

2007-05-22 Thread Victor Duchovni
the server certificate by its md5, sha1, or SHA256/384/512 fingerprint. (No support for web-of-trust, one step at a time).

Re: 307 digit number factored

2007-05-21 Thread Victor Duchovni
. With EECDH one can use ECDH handshakes signed with RSA keys, but that does not really address any looming demise of 1024 bit RSA.

Re: More info in my AES128-CBC question

2007-04-20 Thread Victor Duchovni

Re: AES128-CBC Question

2007-04-19 Thread Victor Duchovni
question, not an algorithm question, so you need a security review of the protocol (which you have not described).

Re: hoofbeats of zebras, was DNSSEC to be strangled at birth.

2007-04-06 Thread Victor Duchovni
less likely, so though I don't find it a credible threat, the publicity may help to avert any silliness from coming to pass.

Re: Cracking the code?

2007-03-03 Thread Victor Duchovni
to follow in the footsteps of Randal L. Schwartz, it is sadly best to stay ignorant of such matters...

Re: Failure of PKI in messaging

2007-02-15 Thread Victor Duchovni

Re: OT: SSL certificate chain problems

2007-02-04 Thread Victor Duchovni
On Wed, Jan 31, 2007 at 01:57:04PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: What I don't understand is how the old (finally expired) root helps to validate the new unexpired root, when a verifier has the old root and the server presents the new root in its trust

Re: OT: SSL certificate chain problems

2007-02-03 Thread Victor Duchovni
On Wed, Jan 31, 2007 at 01:57:04PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: What I don't understand is how the old (finally expired) root helps to validate the new unexpired root, when a verifier has the old root and the server presents the new root in its trust

Re: OT: SSL certificate chain problems

2007-01-30 Thread Victor Duchovni
On Sat, Jan 27, 2007 at 02:12:34PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: Wouldn't the old root also (until it actually expires) verify any certificates signed by the new root? If so, why does a server need to send the new root? Because the client may

Re: OT: SSL certificate chain problems

2007-01-30 Thread Victor Duchovni
a verifier has the old root and the server presents the new root in its trust chain.

Re: OT: SSL certificate chain problems

2007-01-26 Thread Victor Duchovni
On Fri, Jan 26, 2007 at 07:06:00PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: Generally it is enough for a TLS server or client to present its own certificate and all *intermediate* CA certificates, sending the root CA cert is optional, because if the verifying

Re: analysis and implementation of LRW

2007-01-25 Thread Victor Duchovni

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-20 Thread Victor Duchovni
On Sat, Jan 20, 2007 at 10:10:47PM +1300, Peter Gutmann wrote: Victor Duchovni [EMAIL PROTECTED] writes: It took reading the code to determine the following: - ASN.1 Strings extracted from X.509v3 certs are not validated for conformance with the declared character syntax. Strings

Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-19 Thread Victor Duchovni
of the interface, that I am not making unfounded assumptions, and there are no obvious bugs in the part of the library that I am reviewing.

Re: A web site that believes in crypto

2007-01-14 Thread Victor Duchovni
On Wed, Jan 10, 2007 at 06:31:21PM -0500, Steven M. Bellovin wrote: I just stumbled on a web site that strongly believes in crypto -- *everything* on the site is protected by https. If you go there via http, you receive a Redirect. The site? www.cia.gov: $ telnet www.cia.gov 80 Trying

Re: SSL (https, really) accelerators for Linux/Apache?

2007-01-02 Thread Victor Duchovni
handshake per cache TTL and then just bulk crypto for many deliveries that reuse the cached SSL session. So what is your load like?

Re: hashes on restricted domains: random functions or permutations?

2006-10-18 Thread Victor Duchovni
On Wed, Oct 18, 2006 at 12:00:41AM -0400, Victor Duchovni wrote: Hash functions are supposed to be pseudo-random. For a 160 bit hash In an input set of 2^80 elements we should expect to find a collision... If we iterate from a random starting point we expect to enter a cycle of length ~2^79

Re: Why the exponent 3 error happened:

2006-09-14 Thread Victor Duchovni

Re: mailer certificate retrieval via LDAP?

2006-06-09 Thread Victor Duchovni

Re: Status of opportunistic encryption

2006-06-01 Thread Victor Duchovni
be a good foundation.

Re: Status of SRP

2006-06-01 Thread Victor Duchovni

Re: Status of opportunistic encryption

2006-05-29 Thread Victor Duchovni
, but I am somewhat pessimistic about the likelihood of this happening soon.

Re: picking a hash function to be encrypted

2006-05-14 Thread Victor Duchovni
to re-invent the wheel? It took multiple iterations of design improvements to get TLS right, even though it was designed by experts.

Re: picking a hash function to be encrypted

2006-05-14 Thread Victor Duchovni
On Sun, May 14, 2006 at 07:56:17PM -0500, Travis H. wrote: On 5/14/06, Victor Duchovni [EMAIL PROTECTED] wrote: Security is fragile. Deviating from well understood primitives may be good research, but is not good engineering. Especially fragile are: Point taken

Re: Linux RNG paper

2006-05-05 Thread Victor Duchovni
that are file system agnostic, cannot violate block update atomicity and so MUST not offer integrity.

Re: History and definition of the term 'principal'?

2006-04-26 Thread Victor Duchovni
principals (global naming) to subjects/users (local naming). So principal != account.

Re: Secure Blue from IBM

2006-04-13 Thread Victor Duchovni
is stored, new key management issues come to the surface. I for one would not want to lose my hard-drive if the CPU is fried...

Re: [Cfrg] HMAC-MD5

2006-03-29 Thread Victor Duchovni
On Wed, Mar 29, 2006 at 10:51:08AM +0200, [EMAIL PROTECTED] wrote: I am nearly sure that a preimage attack (MD5) will be found in the next two or three years. Is there already evidence of progress in that direction? -- Viktor.

Re: Linux RNG paper

2006-03-22 Thread Victor Duchovni

Re: Zfone and ZRTP :: encryption for voip protocols

2006-03-16 Thread Victor Duchovni
model for the mass market.

Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-03-08 Thread Victor Duchovni

Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-03-08 Thread Victor Duchovni
. Maxim: Either it is not mature enough, or it has spam.

Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-03-08 Thread Victor Duchovni
to unfairly tarnish the competence of the email RFC writers, without regard to the intrinsic properties of the medium.

Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-03-01 Thread Victor Duchovni
interoperable systems...

Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-02-28 Thread Victor Duchovni

Re: GnuTLS (libgrypt really) and Postfix

2006-02-17 Thread Victor Duchovni
expect views to shift dramatically. If the developers were open to the issue, the request might have been fruitful. If they dig in their heels, I am free to use other libraries.

Re: GnuTLS (libgrypt really) and Postfix

2006-02-15 Thread Victor Duchovni
- sons.

Re: GnuTLS (libgrypt really) and Postfix

2006-02-14 Thread Victor Duchovni
and needs to be reported as such.

Re: GnuTLS (libgrypt really) and Postfix

2006-02-14 Thread Victor Duchovni
over OpenSSL (not GnuTLS) and OpenSSL has an error stack, which the application can process as it sees fit. The libgrypt approach to error reporting is not acceptable.

Re: GnuTLS (libgrypt really) and Postfix

2006-02-14 Thread Victor Duchovni
