Re: [cryptography] can the German government read PGP and ssh traffic?

2012-05-29 Thread Peter Maxwell
On 30 May 2012 05:01, ianG wrote: > On 29/05/12 11:03 AM, Peter Maxwell wrote: > >> >> >> On 29 May 2012 01:35, Peter Gutmann > > wrote: >> >>Peter Maxwell mailto:pe...@allicient.co.uk>> >> >>writes: >> >> >Why on earth would you need to spread your p

Re: [cryptography] Master Password

2012-05-29 Thread Marsh Ray
On 05/29/2012 06:01 PM, Maarten Billemont wrote: Dear readers, I've written an iOS / Mac application whose goal it is to produce passwords for any purpose. I was really hoping for the opportunity to receive some critical feedback or review of the algorithm used[1]. [1] http://masterpassword

Re: [cryptography] can the German government read PGP and ssh traffic?

2012-05-29 Thread ianG
On 29/05/12 11:03 AM, Peter Maxwell wrote: On 29 May 2012 01:35, Peter Gutmann mailto:pgut...@cs.auckland.ac.nz>> wrote: Peter Maxwell mailto:pe...@allicient.co.uk>> writes: >Why on earth would you need to spread your private-key across any number of >less secure machine

Re: [cryptography] Master Password

2012-05-29 Thread Jonathan Thornburg
On Wed, 30 May 2012, Maarten Billemont wrote: > Master Password is different in that it generates passwords based > purely off of a user's master password and the name of the site. Is there a provision to rollover the master password [Useful to, e.g., regain security after ending a

[cryptography] Master Password

2012-05-29 Thread Maarten Billemont
Dear readers, I've written an iOS / Mac application whose goal it is to produce passwords for any purpose. I was really hoping for the opportunity to receive some critical feedback or review of the algorithm used[1]. -- ABOUT With an increasing trend of web applications requiring users to reg

Re: [cryptography] can the German government read PGP and ssh traffic?

2012-05-29 Thread Florian Weimer
* Eugen Leitl: > Unrelated, IIRC Microsoft changed the architecture of supernodes to allow > for lawful interception with Skype. Skype supports transparent call forwarding, so lawful intercept is possible as well. It's just a question of how much about the interception activity leaks to the part

Re: [cryptography] can the German government read PGP and ssh traffic?

2012-05-29 Thread The Doctor
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/28/2012 08:45 PM, Steven Bellovin wrote: > than relying "on the kindness of strangers". I haven't seen any > stories about making lawful intercept possible -- do you have a > source? https://www.pcworld.com/article/231359/microsoft_patents_spy