oducts by the Weinstein brothers, which during those days
were very active participants in both the Cypherpunks mailing list and
Cypherpunks meetings.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
AARG!, having burned the nym with the moderator of this list and who is
therefore now posting via the Hermes remailer commented on Microsoft,
which similarly burned the Palladium name, claims:
> Hopefully this will shed light on the frequent claims that
> Palladium will limit what programs people
with the shuttle, but I would not be surprised in the least
if all shuttles shared the same key.
[Remind me to some time recount the tale of my discussing key management
with the chief-cryptographer for a battlefield communication system
consid
Rich Salz wrote:
> Liberty is architected to be federated, unlike Passport.
The Liberty Alliance was stillborn to begin with. Not that it made any
practical difference, but the Liberty Alliance received an additional
bullet through the head the day that RSA Security, a key participant in
the Liber
Nicko wrote:
> > I think this comes down to a classic time/money tradeoff. PGP 8.0
> > Personal edition is currently priced at $39. Even as an
> experienced
> > Unix and PGP user I think that the GUI on PGP 8.0 will save
> me an hour
> > of effort over the lifetime of the product, which mean
g/cgi/cvsweb.cgi/src/sys/geom/bde/
Thanks,
--Lucky Green
[Moderator's note: FYI, NetBSD also has drive encryption these days. --Perry]
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptogr
ional desirable
STARTTLS-based feature in future releases of their software.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
may wish to inquire with competent legal
counsel as to the legality of performing this research in the U.S.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
a number of articles, it seems
worth mentioning that Microsoft stated explicitly that increasing the
security of DRM schemes protecting digital entertainment content, but
not executable code, formed the impetus to the Palladium effort.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Lastly, I feel obliged to mention that it is quite irrelevant what I,
Microsoft, or the subscribers to this list believe to be the case with
respect to my patent application. All that matters is what the patent
examiner at the USPTO believes. Unless one of the subscribers to this
list happens
y from source that matched the hash of
the binaries built by PGP.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
today - an application for
an US Patent covering numerous methods by which software applications
can be protected against software piracy on a platform offering the
features that are slated to be provided by Palladium.
--Lucky Green
---
Enzo wrote quoting Lucky:
> > The cert shows as being issued by Equifax because Geotrust
> purchased
> > Equifax's root embedded in major browsers since MSIE 5 on the
> > secondary market. (Geotrust purchased more than just the root).
>
> This raises an interesting legal issue. Should any loss
ket. (Geotrust purchased more than just the root).
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
he day, getting a new root into the browsers will cost
you about, give or take a few hundred k, $1M.
Which makes the slightly used nCipher box an even better value. :-)
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
James wrote:
> On 11 Jul 2002 at 1:22, Lucky Green wrote:
> > "Trusted roots" have long been bought and sold on the
> secondary market
> > as any other commodity. For surprisingly low amounts, you
> too can own
> > a trusted root that comes pre-
Peter Gutmann wrote, quoting Matthias Bruestle:
> Both Netscape 6 and MSIE 5 contain ~100 built-in,
> automatically-trusted CA certs.
>
> * Certs with 512-bit keys.
>
> * Certs with 40-year lifetimes.
>
> * Certs from organisations you've never heard of before
> ("Honest Joe's Used
>C
Bill wrote:
> At 10:07 PM 06/26/2002 -0700, Lucky Green wrote:
> >An EMBASSY-like CPU security co-processor would have seriously blown
> >the part cost design constraint on the TPM by an order of
> magnitude or
> >two.
>
> Compared to the cost of rewriting Windo
vendor re-bind your data file encryption keys to the new TPM. I
am not aware of any such plans for non-user generated data, such as
purchased entertainment content, but then requiring the user to
repurchase such data when changing motherboards is not incompatible with
the content providers
behind the
TCPA. The motive has been DRM. Does this mean that one should ignore the
benefits that TCPA might bring? Of course not. But it does mean that one
should carefully weigh the benefits against the risks.
--Lucky Green
cate the user to other online services.
It is very much the intent of the TCPA to permit the use of pseudonymous
credentials for many, if not most, applications. Otherwise, the TCPA's
carefully planned attempts at winning over the online liberty groups
wo
Bob wrote quoting Mark Hachman:
> The whitepaper can not be considered a roadmap to the design
> of a Palladium-enabled PC, although it is one practical
> solution. The whitepaper was written at around the time the
> Trusted Computing Platform Association
> (TCPA) was formed in the fall of 2000
ch one can obtain its globally
unique ID, the serial number of the application that created the
document, or the public key of the person who licensed the application.
(Other ways to exist but are omitted in the interest of brevity).
--Lucky Green
but not design documents, available to the
public, unfortunately does not provide any documentation which reasoning
lead to this decision.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
I mentioned, some which Steven Levy has published (though he
largely fell for the designated bait and missed the numerous hooks),
some which Bram has realized, and some which have yet to be talked
about. Some desirable, some questionable, and a lot of them downright
scary.
Sincerely,
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Anonymous writes:
> Lucky Green writes regarding Ross Anderson's paper at:
> Ross and Lucky should justify their claims to the community
> in general and to the members of the TCPA in particular. If
> you're going to make accusations, you are obliged to offer
> evid
no corresponding decryption keys. Reverse engineering turns
pretty dim at that point.
None of these obstacles are impossible to overcome, but not by Joe
Computer User, not by even the most talented 16-year old hacker, and not
even by ma
rephrase John's very valid question in a slightly more targeted
fashion: how likely is it that cleared personnel working at the ISP will
refuse an official request for law enforcement assistance?
--Lucky Green
-
The Cr
orts of the TCPA
and the Hollings bill would be greatly aided by attempts to establish
which of the two scenarios is the fact the case.
--Lucky Green
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
John wrote quoting Lucky:
> > Locate the button in your MUA that's labeled "Use secure
> connection"
> > or something to that effect, search the docs for your MTA for the
> > words "STARTTLS", "relaying", and potentially "SASL", don't
> use your
> > ISP's smtp server, encourage those that you
Bill wrote:
> I have been thinking about how to limit denial of service
> attacks on a server which will have to verify signatures on
> certain transactions. It seems that an attacker can just
> send random (or even not so random) data for the signature
> and force the server to perform exten
ji wrote:
> Under this proposed law, will ISPs have to scan *all* SMTP
> traffic and record the envelope, or only the traffic for
> which they actually do
> SMTP forwarding? If the latter is the case, we can simply go
> back to the original end-to-end SMTP delivery model; no
> POP/IMAP or an
Enzo wrote:
> Further to Lucky's comments: in the last few days I have
> discussed keysize issues with a few people on a couple of
> mailing lists, and I have encountered a hostility to large
> keysizes of which, frankly, I don't understand the reasons.
> On the client side at least, performan
Anonymous wrote (quoting Adam):
> Adam Back wrote:
> > The mocking tone of recent posts about Lucky's call seems quite
> > misplaced given the checkered bias and questionable
> authority of the
> > above conflicting claims we've seen quoted.
>
> No, Lucky made a few big mistakes. First, he in
Enzo wrote:
> Hmmm... I see that the new 4096-bit super-duper key, besides
> its own (which doesn't prove much), only bears the signatures
> of the now revoked -as potentially compromised- old keys
> 0x375AD924 and 0xEEE8CFF3, plus 0x06757D2D (which turns out
> to be a 1024-bit DSA key) and
urprising, since many vendor offerings
fail to support larger keys.
In light of the above, I reluctantly revoked all my personal 1024-bit
PGP keys and the large web-of-trust that these keys have acquired over
time. The keys should be considered compromised. The revoked keys and my
new keys ar
Adam Back wrote:
> openSSL on a PIII-633Mhz can do 265 512 bit CRT RSA per
> second, or 50 1024 bit CRT RSA per second. So wether it will
> even speed up current entry-level systems depends on the
> correct interpretation of the product sheet.
>
> And the economics of course depends on how
Carl wrote:
> I suspect you find little written about OTP work because people have
> always assumed the keys were impractical to distribute, store and
> use.
While distribution of OTP's has become feasible amongst tightly-knit groups
of non-governmental actors, the rate at which OTP's can be gene
Philip,
If we can at all fit it into the schedule, IFCA will attempt to offer a
colloquium on this topic at FC. Based on the countless calls inquiring about
this issue that I received just in the last few days, the customers of
financial cryptography are quite concerned about the Bernstein paper,
this email encryption standard is supported out-of-the-box by the
overwhelming majority of deployed MUA's in the world.
-- Lucky Green <[EMAIL PROTECTED]>
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
1 7:54 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: FreeSWAN Release 1.93 ships!
On Sunday 09 December 2001 07:32 pm, Lucky Green
<[EMAIL PROTECTED]> wrote:
> The big question is: will FreeS/WAN latest release after some 4 or 5
> years of development finally both compile and ins
The big question is: will FreeS/WAN latest release after some 4 or 5
years of development finally both compile and install cleanly on current
versions of Red Hat Linux, FreeS/WAN's purported target platform?
--Lucky, who is bothered by the fact that most his Linux using friends
so far have been u
42 matches
Mail list logo