Re: [cryptography] Thawte

2011-09-08 Thread jd.cypherpunks
thanks! Michael ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography

[cryptography] Symantec gets it wrong

2011-09-08 Thread Ralph Holz
Hi, I (still) cannot believe how Symantec reacts to the DigiNotar breaches - basically ignoring the known shortcomings: http://www.symantec.com/connect/blogs/why-your-certificate-authority-matters Marketing department speaking, no doubt. Ralph -- Dipl.-Inform. Ralph Holz I8: Network

Re: [cryptography] Thawte

2011-09-08 Thread Jan-Frode Myklebust
On Wed, Sep 07, 2011 at 03:54:08PM +0200, jd.cypherpunks wrote: Thawte is part of Verisign, that is a spin-off from RSA Security. Am I right? Close, but it's the other RSA. A.k.a. Republic of South Africa. -jf

Re: [cryptography] Thawte

2011-09-08 Thread Simon Josefsson
Jan-Frode Myklebust writes: On Wed, Sep 07, 2011 at 03:54:08PM +0200, jd.cypherpunks wrote: Thawte is part of Verisign, that is a spin-off from RSA Security. Am I right? Close, but it's the other RSA. A.k.a. Republic of South Africa. Verisign is an early spin-off from RSA Security.

Re: [cryptography] GlobalSign temporarily ceases issuance of all certificates

2011-09-08 Thread Ian G
On 08/09/2011, at 11:31, Lucky Green shamr...@cypherpunks.to wrote: The SSL/public CA model did an admirable job in that regard and Taher ElGamal and Paul Kocher deserve full credit for this accomplishment. As long as we can document that original model, I'm inclined to agree. SSL's

Re: [cryptography] PKI fixes that don't fix PKI (part II)

2011-09-08 Thread Ian G
Hi, Lucky, good to see some perspective! On 08/09/2011, at 8:52, Lucky Green shamr...@cypherpunks.to wrote: o Changes to OCSP . The problem was that the top three CA vendors at the time, RSA Security, VeriSign, and Netscape didn't have a comprehensive database of certificates issued by

Re: [cryptography] Symantec gets it wrong

2011-09-08 Thread Andy Steingruebl
On Thu, Sep 8, 2011 at 1:30 AM, Ralph Holz h...@net.in.tum.de wrote: Hi, I (still) cannot believe how Symantec reacts to the DigiNotar breaches - basically ignoring the known shortcomings: http://www.symantec.com/connect/blogs/why-your-certificate-authority-matters To be contrarian for a

Re: [cryptography] Symantec gets it wrong

2011-09-08 Thread Ralph Holz
Hi, http://www.symantec.com/connect/blogs/why-your-certificate-authority-matters To be contrarian for a moment [...] This isn't to say it justifies or supports the marketing campaign, but perhaps there is a real message hidden in there after all? That would be a really far-sighted

Re: [cryptography] Symantec gets it wrong

2011-09-08 Thread Alfonso De Gregorio
Hi, On Thu, Sep 8, 2011 at 6:20 PM, Andy Steingruebl a...@steingruebl.com wrote: On Thu, Sep 8, 2011 at 1:30 AM, Ralph Holz h...@net.in.tum.de wrote: Hi, I (still) cannot believe how Symantec reacts to the DigiNotar breaches - basically ignoring the known shortcomings:

Re: [cryptography] Symantec gets it wrong

2011-09-08 Thread Nico Williams
On Thu, Sep 8, 2011 at 1:53 PM, Adam Back a...@cypherspace.org wrote: btw Massive kudos to the comodo hacker if his 'sploits are accurately bragged, favor he did the SSL/PKI community indeed.  There were multiple files posted as trophies so I presume people have verified. Whether they're for

[cryptography] [OT] After Digital Certificate Hack, Mozilla Seeks Reassurances

2011-09-08 Thread Jeffrey Walton
I wonder how many CAs are going to report back with defects and promises that they will fix? http://www.pcworld.com/businesscenter/article/239699/after_digital_certificate_hack_mozilla_seeks_reassurances.html In emails sent out to digital certificate authorities Thursday, Mozilla Certificate

[cryptography] Running a keyserver is valuable OR pairwise attacks on public keys

2011-09-08 Thread Tom Ritter
A long time ago I read an account on a website of a test done in the 90s on public RSA keys. A keyserver operator was politely asked for the entire database of public keys, and he complied (I think it was the MIT keyserver and the researchers were at MIT, but I don't recall.) The public keys

Re: [cryptography] PKI fixes that don't fix PKI (part III)

2011-09-08 Thread James A. Donald
On 2011-09-09 9:11 AM, Lucky Green wrote: - while it is possible to build communication systems that use some of the components of the SSL system that withstand governmental security services interception (I have designed and deployed such systems myself) yurls? an entirely different system