http://cryptanalysis.eu/blog/2012/02/02/dont-trust-satellite-phones-the-gmr-1-and-gmr-2-ciphers-have-been-broken/
Today, February 2nd 2012, Benedikt Driessen and Ralf Hund gave a very
interesting talk at Ruhr Universität Bochum about their work on
satellite phone security. In a nutshell, they
http://arstechnica.com/business/guides/2012/02/google-strips-chrome-of-ssl-revocation-checking.ars
--Steve Bellovin, https://www.cs.columbia.edu/~smb
___
cryptography mailing list
cryptography@randombit.net
On Mon, Feb 6, 2012 at 9:52 PM, Steven Bellovin s...@cs.columbia.edu wrote:
http://arstechnica.com/business/guides/2012/02/google-strips-chrome-of-ssl-revocation-checking.ars
--Steve Bellovin, https://www.cs.columbia.edu/~smb
Interesting blog post on this topic by Adam Langley
On 02/06/2012 09:00 PM, Jonathan Katz wrote:
One question, though. Langley writes: If the attacker is close to
the server then online revocation checks can be effective, but an
attacker close to the server can get certificates issued from many
CAs and deploy different certificates as needed.
On 2012-02-07 12:52 PM, Steven Bellovin wrote:
http://arstechnica.com/business/guides/2012/02/google-strips-chrome-of-ssl-revocation-checking.ars
A major, and long needed, improvement in reliability, security, and
performance.
___
cryptography