On 3 Jan 2070, at 9:41, Nicholas Brawn wrote:
What's the state of the game with PGP and GPG compatibility?
Interesting question.
I'm using PGP 6.5.8 for my professional confidential e-mails and
sometimes I get complaints from GnuPG users saying they can't use my
Pubkey.
Currently I'm
On Sat, 3 Jan 1970 09:41:26 +1000, Nicholas Brawn said:
What's the state of the game with PGP and GPG compatibility?
According to the bug reports I receive for GnuPG, it seems that even
the latest versions of PGP (7.0.3?) are still not OpenPGP compatible.
At least they still don't understand
Something similar happened in England a few years back: Some cybercrooks*
set up an entire false bank - only the shop frontage and the cash machine,
which would display the customary Sorry this service not available blah
blah blah message if the user tried to get cash out. I believe the bank
At 01:59 PM 1/14/02 -0800, Eric Rescorla wrote:
Saying that SSL without certificates is fine as long as you
don't have active attacks is kind of like saying that leaving
your front door open is fine as long as noone tries to break
in.
No, its more. SSL sans certs is like using envelopes to
http://www.cl.cam.ac.uk/users/rja14/econws.html
Workshop on Economics and Information Security
University of California, Berkeley
May 16-17, 2002
Do we spend enough on keeping `hackers' out of our computer systems? Do we
not spend enough? Or do we spend too much?
Many system security
On Tue, 15 Jan 2002 09:42:32 +0100, Axel H Horns said:
I'm using PGP 6.5.8 for my professional confidential e-mails and
sometimes I get complaints from GnuPG users saying they can't use my
Pubkey.
So, you can't decrypt the attached message? Or does this problem
only occur with another
On Tue, 15 Jan 2002, D. A. Honig wrote:
[Moderator's note: Except that's precisely the point: Modulo MIM
attacks is like saying we're all immortal, modulo death. The
question isn't some sort of mystification of identity -- it is being
able to know that you're talking to the same Dear Abby
[The
question isn't some sort of mystification of identity -- it is being
able to know that you're talking to the same Dear Abby your friends
have talked to and that you talked to last week.
Here you're talking about reputation of nyms, which doesn't require
third parties or certs, just
Is there even development on the PGP (product) line? AFAIK
they (NAI) have not release PGP 7.x in source form. Worse, there
are a couple of bugs I found in 6.5.8 when I was porting it
to Tru64, but who knows if anyone is listening over at NAI.
It's a sad state of affairs. Perhaps I should go
Thor Lancelot Simon says:
Many operating systems use Linux-style (environmental noise
stirred with a hash function) generators to provide random
and pseudorandom data on /dev/random and /dev/urandom
respectively. A few modify the general Linux design by adding an
output buffer which is not
Is there even development on the PGP (product) line? AFAIK
they (NAI) have not release PGP 7.x in source form. Worse, there
are a couple of bugs I found in 6.5.8 when I was porting it
to Tru64, but who knows if anyone is listening over at NAI.
Years ago I bought a few copies of commercial
This result would seem to raise questions about SHA1 and MD5 as much
as about the quality of /dev/random and /dev/urandom. Naively, it
should be difficult to create input to these hash functions that
cause their output to fail any statistical test.
Arnold Reinhold
At 3:23 PM -0500 1/15/02,
At 03:23 PM 1/15/2002 -0500, Thor Lancelot Simon wrote:
Many operating systems use Linux-style (environmental noise
stirred with a hash function) generators to provide random
and pseudorandom data on /dev/random and /dev/urandom
respectively. A few modify the general Linux design by adding an
Arnold G. Reinhold says:
This result would seem to raise questions about SHA1 and MD5 as much
as about the quality of /dev/random and /dev/urandom. Naively, it
should be difficult to create input to these hash functions that
cause their output to fail any statistical test.
I would think
Thor Lancelot Simon wrote:
Many operating systems use Linux-style (environmental noise
stirred with a hash function) generators to provide random
and pseudorandom data on /dev/random and /dev/urandom
respectively.
...
The usual failure mode is too many runs of 1 1s. Using MD5
instead of
Werner Koch wrote:
According to the bug reports I receive for GnuPG, it seems that
even the latest versions of PGP (7.0.3?) are still not OpenPGP
compatible.
No, the latest version for Win32 is 7.1.1, and for MacOS 9 it is
7.1.0. I think it should be pointed out what a loaded statement the
Will Price [EMAIL PROTECTED] writes:
The SDK (which still includes little bits of your code Derek, and all
other crypto/network/passphrase and even all the UI code which
interacts with the crypto related code) has been published up through
7.1.1. The Windows GUI was last published at 6.5.8.
17 matches
Mail list logo