Re: [cryptography] Secure universal message addressing

2016-04-04 Thread ianG
ou changed messaging services. "A person has one identifier in another person's client?" How would you guys go about designing a system like what I describe? Like that above - requirements driven by business/people behaviour. iang ___

Re: [cryptography] a new blockchain POW proposal

2016-01-23 Thread ianG
On 17/01/2016 10:13 am, travis+ml-rbcryptogra...@subspacefield.org wrote: I'm embarrassed by the long, rambling post. It was notes to myself, which I then circulated to my friends and forwarded without editing. I should summarize. 0) Bitcoin is amazing technology. Truly neat. Many related

[cryptography] GCHQ puzzler for xmas

2015-12-14 Thread ianG
http://www.bbc.co.uk/news/uk-35058761 Britain's most secretive organisation - GCHQ - has added a cryptic twist to Christmas card season by including a baffling brainteaser. This year spy agency director Robert Hannigan is sending out a complex grid-shading puzzle inside his traditional

[cryptography] attacks on packet length may be surprisingly good: Hookt on fon-iks

2015-10-24 Thread ianG
to protect the confidentiality of VoIP conversations. http://wwwx.cs.unc.edu/~kzsnow/uploads/8/8/6/2/8862319/foniks-oak11.pdf My emphasis - I'd love to see some examples... iang ___ cryptography mailing list cryptography@randombit.net http

Re: [cryptography] [Cryptography] WikiLeaks Hosts Cryptome with Search

2015-10-19 Thread ianG
On 19/10/2015 18:42 pm, John Young wrote: WikiLeaks Hosts Cryptome with Search https://cryptome.wikileaks.org Congrats! Nice mix. iang ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo

Re: [cryptography] Should Sha-1 be phased out?

2015-10-17 Thread ianG
with SHA2. Use SHA3. In 2025, the herd will be stampeding all over SHA256's tired old bones. You'll be grateful for having retired it in good time, and will have the space, peace and quiet to think about using SHA4. iang

Re: [cryptography] no, don't advertise that you support SSLv2!

2015-08-04 Thread ianG
a padlock to users that means you're secure? iang

Re: [cryptography] Timeline graphic of hacking attacks

2015-05-26 Thread ianG
-- both to recall what an attack was, and to get a feel for the range of attacks out there. Built by security jock Paul Chen. That's a keeper, definitely gets a link on my CA history of threats: https://wiki.cacert.org/Risk/History Which lacks any sexy graphics. iang

Re: [cryptography] NIST Workshop on Elliptic Curve Cryptography Standards

2015-05-11 Thread ianG
On 11/05/2015 17:56 pm, Thierry Moreau wrote: On 05/09/15 11:18, ianG wrote: Workshop on Elliptic Curve Cryptography Standards June 11-12, 2015 Agenda now available! The National Institute of Standards and Technology (NIST) will host a Workshop on Elliptic Curve Cryptography Standards at NIST

[cryptography] NIST Workshop on Elliptic Curve Cryptography Standards

2015-05-09 Thread ianG
for meetings held at NIST. Agenda, registration and workshop details are available at the workshop website: http://www.nist.gov/itl/csd/ct/ecc-workshop.cfm iang (as forwarded by Russ to [saag])

Re: [cryptography] NSA Apple DPA Cryptanalysis

2015-03-11 Thread ianG
On 11/03/2015 05:25 am, Peter Gutmann wrote: ianG i...@iang.org writes: We will also describe and present results for an entirely new unpublished attack against a Chinese Remainder Theorem (CRT) implementation of RSA that will yield private key information in a single trace. An actual

Re: [cryptography] NSA Apple DPA Cryptanalysis

2015-03-10 Thread ianG
On 10/03/2015 11:38 am, John Young wrote: The Intercept has released files on Apple, DPA and other cryptanalysis: http://cryptome.org/2015/03/nsa-apple-dpa-intercept-15-0309.zip (12pp, 1.9MB) tpm-vulnerabilities... 16th March 2012? We will also describe and present results for an entirely

Re: [cryptography] Crypto Vulns

2015-03-10 Thread ianG
-engineering, over-committeeing or over-consulting (h/t to PHB's rework process). And the #1 vulnerability is delivering something to the user that she walks away from. OK, that aligns somewhat in your No 1 above... Also known as K6. iang

[cryptography] PGP word list

2015-02-18 Thread ianG
have a switch from numbers to letters, so are really clunky. And letters are bigger than numbers, so stick with letters. On the initiating phone it prints the code in huge letters and underneath the phonetics in smaller type. iang

Re: [cryptography] [Cryptography] Equation Group Multiple Malware Program, NSA Implicated

2015-02-17 Thread ianG
On 17/02/2015 15:56 pm, Jerry Leichter wrote: On Feb 17, 2015, at 6:35 AM, ianG i...@iang.org wrote: Here's an interesting comparison. Most academic cryptographers believe that the NSA has lost its lead: While for years they were the only ones doing cryptography, and were decades ahead

Re: [cryptography] [Cryptography] Equation Group Multiple Malware Program, NSA Implicated

2015-02-17 Thread ianG
[0], the crypto isn't what is being attacked here. It's the software engineering and the crappy security systems. iang [0] http://financialcryptography.com/mt/archives/001460.html

Re: [cryptography] Equation Group Multiple Malware Program, NSA Implicated

2015-02-16 Thread ianG
implementation from Equation group’s malware is particularly interesting and deserves special attention because of its specifics. (followed by discussion of an optimisation found that also allowed some degree of tracking to other APT groups.) iang [0] http

Re: [cryptography] [Cryptography] How the CIA Made Google

2015-02-02 Thread ianG
the evidence, the masses still won't believe it. But, speaking for myself, knowing that there was compelling verified evidence of actual skulduggery was something that kept me sane. iang

Re: [cryptography] [Cryptography] OneRNG kickstarter project looking for donations

2014-12-21 Thread ianG
lead to other benefits. iang On 16/12/2014 16:39 pm, ianG wrote: Surprisingly, the OneRNG project is already half way to the goal of $10k NZD after only a week. https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator One reason I really like this project

Re: [cryptography] [Cryptography] OneRNG kickstarter project looking for donations

2014-12-16 Thread ianG
with open hardware designs, we can have a chance of leaking this project into all sorts of other things like home routers, IoT things, Bitcoin hardware wallets etc. iang On 15/12/2014 19:18 pm, ianG wrote: After Edward Snowden's recent revelations about how compromised our internet security has

[cryptography] OneRNG kickstarter project looking for donations

2014-12-15 Thread ianG
https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator About this project After Edward Snowden's recent revelations about how compromised our internet security has become some people have worried about whether the hardware we're using is compromised - is

[cryptography] cost-watch - the cost of the Target breach

2014-12-05 Thread ianG
I often point out that our security model thinking is typically informed by stopping all breaches rather than doing less damage. Here's some indication of damage.

Re: [cryptography] Underhanded Crypto

2014-11-28 Thread ianG
On 27/11/2014 03:04 am, Ilya Levin wrote: On Thu, Nov 27, 2014 at 1:04 AM, ianG i...@iang.org wrote: http://underhandedcrypto.com/rules/ The Underhanded Crypto contest ... And the main prize for a winner would be nearly

[cryptography] Underhanded Crypto

2014-11-26 Thread ianG
http://underhandedcrypto.com/rules/ The Underhanded Crypto contest was inspired by the famous Underhanded C Contest, which is a contest for producing C programs that look correct, yet are flawed in some subtle way that makes them behave inappropriately. This is a great model for demonstrating

Re: [cryptography] Define Privacy

2014-10-26 Thread ianG
on a pedestal, and we can note the irony of financial privacy with Bitcoin. iang

[cryptography] CFP by 24 Nov - Usable Security - San Diego 8th Feb

2014-10-22 Thread ianG
The Workshop on Usable Security (USEC) will be held in conjunction with NDSS on February 8, 2015. The deadline for USEC Workshop submissions is November 24, 2014. – In previous years, USEC has also been collocated with FC; for example in Okinawa, Bonaire, and Trinidad and Tobago. Additional

Re: [cryptography] caring harder requires solving once for the most demanding threat model, to the benefit of all lesser models

2014-10-15 Thread ianG
On 13/10/2014 16:45 pm, coderman wrote: On 10/13/14, ianG i...@iang.org wrote: ... your welcome ;-) a considered and insightful response to my saber rattling diatribe. i owe you a beer, sir! I'm honoured! Ah well, there is another rule we should always bring remember: Do

[cryptography] SSL bug: This POODLE Bites: Exploiting The SSL 3.0 Fallback

2014-10-14 Thread ianG
https://www.openssl.org/~bodo/ssl-poodle.pdf SSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246], many TLS implementations remain backwards-compatible with SSL

[cryptography] caring requires data

2014-10-13 Thread ianG
a bit. Yeah, ain't that the truth. Meanwhile, data... iang [1] a lightning rod salesman is an expression in earlier American times which refers to someone selling something you don't really need. I think, perhaps others could explain it better

Re: [cryptography] caring requires data

2014-10-13 Thread ianG
On 13/10/2014 14:32 pm, coderman wrote: On 10/13/14, ianG i...@iang.org wrote: ... No, and I argue that nobody should care about MITM nor downgrade attacks nor any other theoretical laboratory thing. I also argue that people shouldn't worry about shark attacks, lightning or wearing body

Re: [cryptography] [OT] any updates on shellshock?

2014-10-07 Thread ianG
rendering their system as out of balance as the fortress with the paling fence. Understanding the weakness of the core average platforms has always been in scope for deciding balance. iang

Re: [cryptography] Question About Best Practices for Personal File Encryption

2014-08-17 Thread ianG
a trusted partner, the backdoor slides in, and nobody knows it is there. iang

Re: [cryptography] Question About Best Practices for Personal File Encryption

2014-08-17 Thread ianG
embarrassment is still easy enough to suppress: NDAs are a weapon. Sunlight is your friend. The many eyeballs thing doesn't really find any more bugs, it seems, but it certainly guarantees a scandal. The agencies don't go where the sunlight is brightest. On Sun, Aug 17, 2014 at 5:01 AM, ianG i

Re: [cryptography] [Cryptography] Browser JS (client side) crypto FUD

2014-07-26 Thread ianG
the lingo reset of recent times. This is a valuable thing. iang

[cryptography] who cares about advanced persistent tracking?

2014-07-20 Thread ianG
From the strange bedfellows department, who cares about us all being tracked everywhere? The Chinese, that's who ;) http://www.securityweek.com/apple-iphone-threat-national-security-chinese-media BEIJING - Chinese state broadcaster CCTV has accused US technology giant Apple of threatening

Re: [cryptography] Silent Circle Takes on Phones, Skype, Telecoms

2014-07-11 Thread ianG
, then dropping it in the river.) iang ps; John's point is well taken. We don't have a way to escape success being targeted. We don't have a way to pay for many small enclaves with their own tech. We're stuck in a rocky business.

[cryptography] seL4 going open source

2014-06-24 Thread ianG
http://sel4.systems/ General Dynamics C4 Systems and NICTA are pleased to announce the open sourcing of seL4, the world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement. It is still the world's most highly-assured OS. What's being

Re: [cryptography] [Cryptography] Dual EC backdoor was patented by Certicom?

2014-06-16 Thread ianG
On 16/06/2014 04:27 am, Thierry Moreau wrote: On 2014-06-15 19:24, Tanja Lange wrote: On Sun, Jun 15, 2014 at 02:13:04PM +0100, ianG wrote: Or is this impossible to reconcile? If Certicom is patenting backdoors, the only plausible way I can think of this is that it intends to wield

[cryptography] Dual EC backdoor was patented by Certicom?

2014-06-15 Thread ianG
of their customers. iang

Re: [cryptography] [Cryptography] basing conclusions on facts

2014-06-15 Thread ianG
that are not facts as you are pearly doing is a really bad idea. In particular... On 15/06/14 14:13, ianG wrote: What is also curious is that Dan Brown is highly active in the IETF working groups for crypto, That is not correct as far as I can see. In my local archives, I see one email from him

Re: [cryptography] [Cryptography] USG asks for time served (7 months) as Sabu's sentence

2014-05-25 Thread ianG
to information problems. LulzEconSec, anyone? iang [0] additional comments on the 'profit' side: blue page 13: Although difficult to quantify, it is likely that Monsegur’s actions prevented at least millions of dollars in loss to these victims. blue page 16: Through Monsegur’s cooperation

Re: [cryptography] Request - PKI/CA History Lesson

2014-05-02 Thread ianG
On 2/05/2014 06:41 am, Jeffrey Goldberg wrote: On 2014-05-01, at 8:49 PM, ianG i...@iang.org wrote: On 1/05/2014 02:54 am, Jeffrey Goldberg wrote: On 2014-04-30, at 6:36 AM, ianG i...@iang.org wrote: OK. So let me backpedal on “Ann trusts her browser to maintain a list of trustworthy

Re: [cryptography] Request - PKI/CA History Lesson

2014-05-02 Thread ianG
. And that is not even considering the usability and accessibility issues of all the fancy trusted path solutions that I've seen. Security researchers can not even guarantee that the status light of the camera is on when it is recording images. iang

Re: [cryptography] Request - PKI/CA History Lesson

2014-05-02 Thread ianG
On 2/05/2014 13:42 pm, Marcus Brinkmann wrote: On 05/02/2014 01:33 PM, ianG wrote: For me the sentence, “I had little choice but to trust X” is perfectly coherent. Yes, that still works. It is when it goes to no choice that it fails. For example, I have no choice but to use my browser

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-30 Thread ianG
On 30/04/2014 02:57 am, Jeffrey Goldberg wrote: Hi Ian, I will just respond to one of the many excellent points you’ve made. Super, thanks! On 2014-04-29, at 12:12 PM, ianG i...@iang.org wrote: On 29/04/2014 17:14 pm, Jeffrey Goldberg wrote: People do trust their browsers and OSes

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-29 Thread ianG
. iang

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-29 Thread ianG
/archives/001255.html Show which? The more things you do to it, and discover that nothing changes, is evidence to the latter. iang

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-29 Thread ianG
... which just happened to have invested big in a thing called x.509. And the rest is history. Some commentary here, which is opinion not evidence. http://financialcryptography.com/mt/archives/000609.html iang

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-28 Thread ianG
about it. Indeed, it's them that stopped others doing anything about it. Although it should be easier establishing your own certificate authority. Oh, they fixed that too :) iang

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-28 Thread ianG
trust the authorities that have been picked for you. The vector has been reversed, people are told what has to happen, so there is no trust. Trust derives from choice. Where is the choice? iang On Mon, Apr 28, 2014 at 3:00 PM, James A. Donald jam...@echeque.com

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-28 Thread ianG
user has no choice. iang On Mon, Apr 28, 2014 at 4:42 PM, ianG i...@iang.org wrote: On 29/04/2014 00:12 am, Ryan Carboni wrote: trust is outsourced all the time in the non-cryptographic world trust is built up all the time, risks are taken all the time

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-27 Thread ianG
are being sorted out now, over the last 5 years or so, in secret, but the joke of course is that we still all believe that we're using trust and PKI and so forth when none of that really applies. iang

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-27 Thread ianG
On 25/04/2014 18:40 pm, Tony Arcieri wrote: On Fri, Apr 25, 2014 at 3:10 AM, ianG i...@iang.org wrote: Worse, consider Firefox's behaviour: it considers a certificate-secured site such as a self-cert'd site to be dangerous, but it does not consider a HTTP

Re: [cryptography] [Cryptography] Improving the state of end-to-end crypto

2014-04-27 Thread ianG
of the users unless you actually meet some of them. iang

Re: [cryptography] OT: Speeding up and strengthening HTTPS connections for Chrome on Android

2014-04-26 Thread ianG
On 26/04/2014 02:15 am, grarpamp wrote: On Fri, Apr 25, 2014 at 5:36 PM, ianG i...@iang.org wrote: On 25/04/2014 22:14 pm, Jeffrey Walton wrote: Somewhat off-topic, but Google took ChaCha20/Poly1305 live. http://googleonlinesecurity.blogspot.com/2014/04/speeding-up-and-strengthening-https.html

Re: [cryptography] Request - PKI/CA History Lesson

2014-04-25 Thread ianG
/sp800-32.pdf [2]https://www.eff.org/files/DefconSSLiverse.pdf, https://www.eff.org/files/ccc2010.pdf [3]http://en.wikipedia.org/wiki/Public-key_infrastructure I just ate breakfast, no thanks :( iang

Re: [cryptography] [Cryptography] Is it time for a revolution to replace TLS?

2014-04-25 Thread ianG
On 15/04/2014 21:07 pm, d...@deadhat.com wrote: http://clearcryptocode.org/tls/ Probably not going to happen, but it's nice to dream... It is one of my long term, implausible goals to replace TLS with a collection of independent app to app function-targeted security protocols that are

Re: [cryptography] OT: Speeding up and strengthening HTTPS connections for Chrome on Android

2014-04-25 Thread ianG
-SHA1 and RC4-SHA1 in favor of AES-GCM and ChaCha20-Poly1305 since they offer safer and faster alternatives. Close! 2 is s much closer to 1, it's even O(1). iang ps; obligatory toot: http://iang.org/ssl/h1_the_one_true_cipher_suite.html pps; Google, take your lead from Guus

[cryptography] xkcd on Heartbleed

2014-04-24 Thread ianG
XKCD strikes again: https://xkcd.com/1354

Re: [cryptography] NSA Said to Exploit Heartbleed Bug for Intelligence for Years

2014-04-12 Thread ianG
On 11/04/2014 19:36 pm, Arshad Noor wrote: On 04/11/2014 03:51 PM, ianG wrote: On 11/04/2014 17:50 pm, Jeffrey Walton wrote: http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html The U.S. National Security Agency knew for at least two years

Re: [cryptography] NSA Said to Exploit Heartbleed Bug for Intelligence for Years

2014-04-11 Thread ianG
-sites-you-should-change-your-passwords-for-and-how-to-panic Does anyone have a view as to the average cost to refit? iang

Re: [cryptography] OTR and XMPP

2014-04-08 Thread ianG
/listinfo/xmpp http://mail.jabber.org/mailman/listinfo/standards If anyone has the time to make contributions, please do jump in (and spread the word). iang

Re: [cryptography] [Cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL

2014-04-08 Thread ianG
for the CA field, so if anyone can find any real damages affecting the CA world, let me know! iang

Re: [cryptography] [Cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL

2014-04-08 Thread ianG
On 8/04/2014 20:33 pm, Nico Williams wrote: On Tue, Apr 08, 2014 at 01:12:25PM -0400, Jonathan Thornburg wrote: On Tue, Apr 08, 2014 at 11:46:49AM +0100, ianG wrote: While everyone's madly rushing around to fix their bitsbobs, I'd encouraged you all to be alert to any evidence of *damages

Re: [cryptography] [Cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL

2014-04-08 Thread ianG
On 8/04/2014 21:02 pm, tpb-cry...@laposte.net wrote: You said you control a quite famous bug list. Not me, you might be thinking of the other iang? I should not ask this here, but considering the situation we found ourselves regarding encryption infrastructure abuse from the part of US

[cryptography] Announcing Mozilla::PKIX, a New Certificate Verification Library

2014-04-07 Thread ianG
Original Message Subject: Announcing Mozilla::PKIX, a New Certificate Verification Library Date: Mon, 07 Apr 2014 15:33:50 -0700 From: Kathleen Wilson kwil...@mozilla.com Reply-To: mozilla's crypto code discussion list dev-tech-cry...@lists.mozilla.org To:

Re: [cryptography] Extended Random is extended to whom, exactly?

2014-04-06 Thread ianG
On 6/04/2014 05:46 am, coderman wrote: On Mon, Mar 31, 2014 at 3:33 PM, ianG i...@iang.org wrote: ... In some ways, this reminds me of the audit reports for compromised CAs. Once you know the compromise, you can often see the weakness in the report. are these public reports

[cryptography] Tails

2014-04-04 Thread ianG
Has anyone looked at Tails? http://www.salon.com/2014/04/02/crucial_encryption_tool_enabled_nsa_reporting_on_shoestring_budget/ Crucial encryption tool enabled NSA reporting on shoestring budget Big players in Snowden revelations publicly praise Tails, in hope of gaining much-needed funding

Re: [cryptography] Geoff Stone, Obama's Review Group

2014-04-04 Thread ianG
On 3/04/2014 11:42 am, John Young wrote: Stone's is a good statement which correctly places responsibility on three-branch policy and oversight of NSA, a military unit obliged to obey command of civilians however bizarre and politically self-serving. ODNI and NSA have been inviting a series

[cryptography] Extended Random is extended to whom, exactly?

2014-03-31 Thread ianG
casting judgement. Anyone got an idea? iang

Re: [cryptography] Extended Random is extended to whom, exactly?

2014-03-31 Thread ianG
On 31/03/2014 18:49 pm, Michael Rogers wrote: On 31/03/14 18:36, ianG wrote: END of snippets, mostly to try and figure out what this protocol is before casting judgement. Anyone got an idea? http://tools.ietf.org/html/draft-rescorla-tls-extended-random-02 The United States Department

[cryptography] Michael Haydon on the NSA spying -- blackberries

2014-03-26 Thread ianG
http://www.spiegel.de/international/world/spiegel-interview-with-former-nsa-director-michael-hayden-a-960389-druck.html In 2008, when President Obama was elected, he had a BlackBerry. We thought, oh God, get rid of it. He said, No, I am going to keep it. So we did some stuff to it to make it a

[cryptography] NIST asks for comment on its crypto standards processes

2014-02-24 Thread ianG
http://www.fierceitsecurity.com/press-releases/nist-requests-comments-its-cryptographic-standards-process As part of a review of its cryptographic standards development process, the National Institute of Standards and Technology (NIST) is requesting public comment on a new draft document that

Re: [cryptography] Snowden Drop to Poitras and Greenwald Described

2014-02-08 Thread ianG
part of their story, not this one.) iang

Re: [cryptography] ChaCha/Salsa blockcounter endianness

2014-01-27 Thread ianG
is imposed. So as long as the interface specifies a byte layout, it is pretty much up to a wider layer to extract the secret of the long conversion, if one is in the unfortunate position of having to do addition, etc. OK, much commentary added, and some conversion routines as well. Thanks! iang

[cryptography] ChaCha/Salsa blockcounter endianness

2014-01-26 Thread ianG
compatible fashion. 2. stick with the two u32s laid out in little-endian format, regardless, if that's what everyone has already sort of done. Any comments? iang

Re: [cryptography] To Protect and Infect Slides

2014-01-09 Thread ianG
the same arguments that applied exportation bans for crypto software apply here, especially that of pointlessness. Cold war warriors never die, they just add more clauses to Wassenaar. iang

Re: [cryptography] Techniques for protecting CA Root certificate Secret Key

2014-01-09 Thread ianG
On 9/01/14 18:05 PM, Peter Bowen wrote: On Wed, Jan 8, 2014 at 11:54 PM, ianG i...@iang.org wrote: On 9/01/14 02:49 AM, Paul F Fraser wrote: Software and physical safe keeping of Root CA secret key are central to security of a large set of issued certificates. Are there any safe techniques

Re: [cryptography] Techniques for protecting CA Root certificate Secret Key

2014-01-08 Thread ianG
: what are safe techniques for handling root CA keys? (fwiw, the techniques described in BR are not safe, IMHO. But they are industry 'best practice' so you might have to choose between loving acceptance and safety.) iang

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread ianG
to break lots of things. That's a good idea. I wonder if it could be done efficiently? Hmmm... iang

Re: [cryptography] NSA co-chair claimed sabotage on CFRG list/group (was Re: ECC patent FUD revisited

2014-01-07 Thread ianG
version, one that had been written with the IETF and national standards orgs in mind. Maybe someone could reverse-engineer these emails to figure it out? iang

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread ianG
discuss this. Anyone who wants to join via teleconference: please get in contact with me. We will arrange for remote participation. good luck. I'm missing out on all the fun. Again! iang

[cryptography] Better Crypto

2014-01-05 Thread ianG
to fix, this might be the guide for you. iang

Re: [cryptography] pie in sky suites - long lived public key pairs for persistent identity

2014-01-04 Thread ianG
released it over New Year's Day, for humour. iang [0] http://financialcryptography.com/mt/archives/001451.html

[cryptography] beginner crypto

2013-12-28 Thread ianG
which was quite nice. If in maths, others can comment. iang Hopefully I'll join you again one day ;) Thanks in advance. Ross

[cryptography] Prerendering as a security idea (was: RSA is dead.)

2013-12-25 Thread ianG
On 25/12/13 02:38 AM, Bill Frantz wrote: On 12/25/13 at 2:05 PM, i...@iang.org (ianG) wrote: So, assuming I sober up by the morn, and SO doesn't notice, where's Ping's code? See http://zesty.ca/pubs/yee-phd.pdf p217ff Thanks! I had a quick look, it's in Python, I'm squeezed out. Also

[cryptography] controlling trust with money

2013-12-25 Thread ianG
studies done on how effective it is. The one I recall is selling two t-shirts, one red and one green, with one at twice the price... Of course, this still leaves the question of how to control trust without money. Another day... iang

Re: [cryptography] [Cryptography] RSA is dead.

2013-12-23 Thread ianG
not email me anything that you are not comfortable also sharing with the NSA. Oh, that too. iang

Re: [cryptography] Security Discussion: Password Based Key Derivation for Elliptic curve Diffie–Hellman key agreement

2013-12-17 Thread ianG
, skype). You can much better appreciate what works for your design once it is up and running, and once your users start telling you what they can do. This you cannot achieve at all if you design in some cold-war PKI design from the get-go. iang

[cryptography] does the mixer pull or do the collectors push?

2013-11-28 Thread ianG
looking at a hybrid design of both: Collectors collect and save, and push into a mixer pool on their own when full. When the EF/CSPRNG pulls a seed from the mixer, it pulls from collectors, pulls from the pool, and mixes all that for the seed. Thoughts? iang

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-26 Thread ianG
and careful risk analysis. History has not been kind to open internet crypto projects. iang

Re: [cryptography] Design Strategies for Defending against Backdoors

2013-11-18 Thread ianG
On 18/11/13 10:27 AM, ianG wrote: In the cryptogram sent over the weekend, Bruce Schneier talks about how to design protocols to stop backdoors. Comments? To respond... https://www.schneier.com/blog/archives/2013/10/defending_again_1.html Design Strategies for Defending against Backdoors

[cryptography] Design Strategies for Defending against Backdoors

2013-11-17 Thread ianG
In the cryptogram sent over the weekend, Bruce Schneier talks about how to design protocols to stop backdoors. Comments? https://www.schneier.com/blog/archives/2013/10/defending_again_1.html Design Strategies for Defending against Backdoors With these principles in mind, we can list design

Re: [cryptography] Password Blacklist that includes Adobe's Motherload?

2013-11-14 Thread ianG
morning, the designated senior person would plug their token into a given device, then walk away and get back to work. iang

Re: [cryptography] Which encryption chips are compromised?

2013-11-10 Thread ianG
must have been totally asleep to miss them... iang

[cryptography] redaction differences btw Guardian and NYT NSA docs re: 'middle east anonymous service' and VPN crypto chips

2013-11-05 Thread ianG
am assuming that it is as read, haven't checked sources... iang)

[cryptography] chacha test vectors

2013-10-31 Thread ianG
Has anyone got/found test vectors for ChaCha? iang

Re: [cryptography] chacha test vectors

2013-10-31 Thread ianG
On 31/10/13 14:31 PM, Sébastien Martini wrote: Hi, On Thu, Oct 31, 2013 at 12:14 PM, ianG i...@iang.org wrote: Has anyone got/found test vectors for ChaCha? For ChaCha20 it seems there are these tests https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-02

Re: [cryptography] Cryptographer Adi Shamir Prevented from Attending NSA History Conference

2013-10-17 Thread ianG
the pie, they don't take from a shrinking pie. But, there it is! There is now even a separate branch of economics dealing with why lessons such as Ricardo's concepts in free trade remain unlearnt, after hundreds of years. iang On 17/10/13 11:29 AM, Eugen Leitl wrote: http://blogs.fas.org

Re: [cryptography] Allergy for client certificates

2013-10-10 Thread ianG
because these systems out there have never really considered certs, and often enough they haven't even considered SSL. iang ps; More here: http://wiki.cacert.org/Technology/KnowledgeBase/ClientCerts/theOldNewThing
