Re: Maybe It's Snake Oil All the Way Down

2003-06-04 Thread James A. Donald
-- On 3 Jun 2003 at 15:04, James A. Donald wrote: I never figured out how to use a certificate to authenticate a client to a web server, how to make a web form available to one client and not another. Where do I start? What I and everyone else does is use a shared secret, a password

Re: Maybe It's Snake Oil All the Way Down

2003-06-07 Thread James A. Donald
and server. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG EWYCMfM1ZE4FqHNgG8Xxq4Raoo0u92HCJxUTm9d6 4UkMVch4UVf7oFF6jEx+Nj5WJffMhrKnlz65qZyH1 - The Cryptography Mailing List

Re: Maybe It's Snake Oil All the Way Down

2003-06-07 Thread James A. Donald
unfailingly found that I was the only person capable of doing these operations at that company. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG v6gZFuZoUgyGH55ME+JoilJSfw5LrufrbWWB454U 4FhiB65yyXwp1RgeJrLADfEYBoqz0YAch8fJ0Fisp

Re: The real problem that https has conspicuously failed to fix

2003-06-12 Thread James A. Donald
. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG VBdyipPLv5JzjJ0eIFxxeMDsO30Us9Mvs7lmm2ka 4R5+YjVhKptjgGIVZsjTfX5nDogjTf2G8x7fRhKmN - The Cryptography Mailing List Unsubscribe by sending

Re: Session Fixation Vulnerability in Web Based Apps

2003-06-14 Thread James A. Donald
-- James A. Donald wrote: This flaw is massive, and the biggest villain is the server side code created for Apache. Ben Laurie This isn't the case. I analysed several sites I work on for attacks of the type described when this paper first came out. None of them were vulnerable

Re: Session Fixation Vulnerability in Web Based Apps

2003-06-14 Thread James A. Donald
-- On 14 Jun 2003 at 21:42, Ben Laurie wrote: The obvious answer is you always switch to a new session after login. Nothing cleverer is required, surely? I had dreamed up some rathe complicated solutions. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: Session Fixation Vulnerability in Web Based Apps

2003-06-15 Thread James A. Donald
generated the cookie in response to a valid login, as Ben Laurie does.. The framework, however, generally provides insecure cookies. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG hOTy2gXIGpC8U37+/qzVoX8ytaUtHZWZGueU4kX5

Re: New toy: SSLbar

2003-07-02 Thread James A. Donald
, if people were able to ensure they saw the same cert every time they hit what is purportedly the same site, this would take out most scams. Unfortunately, no one is going to memorize fingerprints. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: blackmail / real world stego use

2003-08-27 Thread James A. Donald
means that freenet could, if implemented correctly, prevent the authorities from knowing who published what, even with universal monitoring, and even if they did know who read what. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: invoicing with PKI

2003-09-03 Thread James A. Donald
tries to get a free certificate from Thawte will discover, makes it difficult, expensive, and inconvenient to get certificates. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG id/UsYl2xTf9Mswn+zhPXu3gZK4Hx7RMoDuc1LXZ 4TEx1/ENp2au248aS2r

Re: invoicing with PKI

2003-09-03 Thread James A. Donald
-- On 1 Sep 2003 at 19:17, Hadmut Danisch wrote: Is cryptography where security took the wrong branch? True names is where security took the wrong branch. The entire PKI structure has been rejected. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: Is cryptography where security took the wrong branch?

2003-09-07 Thread James A. Donald
-- At 12:30 PM 9/7/2003 -0700, James A. Donald wrote: To the extent that trust information is centrally handled, as it is handled by browsers, it will tend to be applied in ways that benefit the state and the central authority On 7 Sep 2003 at 17:19, Anne Lynn Wheeler wrote: Out

Re: Anyone Remember Zero Knowledge Systems?

2003-09-12 Thread James A. Donald
://jtcfrost.sourceforge.net/ If the music companies continue to try to hold back the tide, this may be the best thing yet for encryption. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG vpu+9/zR0VeZ9yrq0tX02mDo/qom+zk9HNCpvzBg 4Rh7IsRRuJOCzDjntfegD

Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-21 Thread James A. Donald
. Just say no to Windows XP. It's easy, especially when he's storing a bearer bond worth a car. What machine, attached to a network, using a web browser, and sending and receiving mail, would you trust? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread James A. Donald
would be programmed by burning new proms, thus enabling easy reprogramming, while making it resistant to trojans and viruses. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Fkc1LRTOk91ROlSR8FZ74DmqbH7hISIn+MSojROa

MD5 To Be Considered Harmful Someday

2004-12-07 Thread James A. Donald
to me that MD5 was considered harmful back in 1997, though I did not know why at the time, and perhaps no one knew why. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG bEcutcm49V2l4gs02N+hlx0RuvlNCxolYqbHGLNY

RE: Blinky Rides Again: RCMP suspect al-Qaida messages

2004-12-13 Thread James A. Donald
is that it conceals your threat model. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG aV25L9tGoz00uU3bzcY+rbFDV5nX9BCkK67CRwcd 4mBXnVakFBPiPRCdugeDolUdtnd8iueWgYFwR3Pch - The Cryptography

Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread James A. Donald
that they are in danger of being forgetten. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Dn3N69hcbr+mL/HUTw8OhGtKmD9rHYOMN4NTBkIY 47AOCXrb7e35xm5QBsHbFVr/jfm+XwTUvzdiytKpG

SpookAir, redux: No Secrets -- Eyes on the CIA

2005-03-03 Thread James A. Donald
what the owner of the records chose to reveal. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG PS5fDA87MKS6uCbiF0gJ/R+39ekRuwLazrAsTyAa 4MxSlekoFzNrLXER1RoAItoikUPxKn3udKQokRxkB

Re: [IP] One cryptographer's perspective on the SHA-1 result

2005-03-05 Thread James A. Donald
broken as to justify starting over. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG QVYtFQAELN4YlZ9xB60CvXTqW8QT8rOABMbJrPXE 4hz2qo1jnDwc3tmFFeyh6lG9sOrXL1783FYSh2s+v

Re: comments wanted on gbde

2005-03-15 Thread James A. Donald
your computer off your desk. If your cleaning lady is out to get you, it is much easier to create software that creates a false and misleading sense of security, than software that stops her. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 20zhgc

Re: NSA warned Bush it needed to monitor networks

2005-03-20 Thread James A. Donald
inflation and debasement. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG R4I4vh9JdcWBUfeQFXQ+i/TlFSVcljg/Og6KRDDj 4qwXmonSAX1xgyPdaB5TsB80yC66PjeWY5mzIpBuo - The Cryptography

how email encryption should work

2005-03-29 Thread James A. Donald
– an unobtrusive and easily ignored warning if he has never received a signed message from that source, a considerably stronger warning if he has previously received signed mail from that source. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: how email encryption should work (and how to get it used...)

2005-05-20 Thread James A. Donald
(SICS) in SCN'04 [available off my site], And your site is? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG To5/mH1p3iCBlpaC6McgYo2aehoFMV42OcrSW6Ze 4AmE3tC68Tiyw+VQHexWjeQmXnrDHI+41ty416j11

How secure is the ATA encrypted disk?

2005-05-20 Thread James A. Donald
to the disk? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG MWz38lml3/o9dkGLtWtJQZ1tp0gyiyL5eFG9bY/j 4tFQd7DIdLt5X6V438CPm2mQIV4/O2PZST9PN9sAM - The Cryptography Mailing List

Re: [Lucrative-L] double spends, identity agnosticism, and Lucrative

2005-05-20 Thread James A. Donald
From: Patrick [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Lucrative-L] double spends, identity agnosticism, and Lucrative Date: Tue, 29 Apr 2003 14:46:48 -0600 Importance: Normal Sender: [EMAIL PROTECTED] A quick experiment has confirmed the obvious: when a client reissues a coin

What happened with the session fixation bug?

2005-05-20 Thread James A. Donald
in the middle attacks. Have these bugs been addressed? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG vPV62zjEtpTJHTV5lKXu2Sw+/5fke2gh9AwPeqQj 4oqqXlvYYKn9rR63ZsSEEjgV5fVyWT9+e6YttP3G

Re: What happened with the session fixation bug?

2005-05-23 Thread James A. Donald
-- James A. Donald: PKI was designed to defeat man in the middle attacks based on network sniffing, or DNS hijacking, which turned out to be less of a threat than expected. However, the session fixation bugs http://www.acros.si/papers/session_fixation.pdf make https and PKI

Re: how email encryption should work (and how to get it used...)

2005-05-23 Thread James A. Donald
at the individual level - one key per email address, not one key per domain name. which would solve the spam problem, but is less immediately helpful than one key per domain name. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Fl8/gx81XkbuiLaqs0tMz

Re: Citibank discloses private information to improve security

2005-05-30 Thread James A. Donald
to be geek oriented, and do not secure stuff that is under heavy attack. Does anyone have any examples of SSH securing something that was valuable to the user, under attack, and then the key changed without warning? How then did the users react? --digsig James A. Donald 6YeGpsZR

Re: What happened with the session fixation bug?

2005-06-04 Thread James A. Donald
-- James A. Donald wrote: The way to beat session fixation is to issue a privileged and impossible to predict session ID in response to a correct login. If, however, you grant privileges to a session ID on the basis of a successful login, which is in fact the usual practice

Re: What happened with the session fixation bug?

2005-06-05 Thread James A. Donald
-- James A. Donald wrote: Adversary accesses web site as if about to log in, gets a session ID. Then supplies false information to someone else's browser, causes that browser on some one else's computer to use that session ID. Someone else logs in with hacker's session ID

Re: massive data theft at MasterCard processor

2005-06-23 Thread James A. Donald
random data which the end user decrypts. End user should then prove knowledge of that encrypted data. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG mvLPUs8OZQJeGGYzUgIlJCvGBKsPF9FUruhnF3tE 4Krdy9r1LLw/aZSGjrIDNHXOcHkloS7F9MGLCTB6o

Re: Optimisation Considered Harmful

2005-06-24 Thread James A. Donald
, and on a timer event, send out the buffer. Your code is now of course multithreaded - very easy to get multithreading bugs that never show up during testing, but non deterministically show up in actual use. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: Optimisation Considered Harmful

2005-06-25 Thread James A. Donald
-- James A. Donald: Suppose you have something that is inadvertently an oracle - it encrypts stuff from many different users preparatory to sending it out over the internet, and makes no effort to strongly authenticate a user. Have it encrypt stuff into a buffer, and on a timer

Re: the limits of crypto and authentication

2005-07-09 Thread James A. Donald
that is needed - a trusted device to put the application, display, keypad and net connection on - is even more expensive than the stop-gap two-factor authentication units commonly sold. Such a device sounds like a cell phone. --digsig James A. Donald 6YeGpsZR+nOTh

Re: New Credit Card Scam (fwd)

2005-07-12 Thread James A. Donald
insecure, and no good practices exist to make them secure. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG pPiA9t4S8XPLqBdKsuV/tb+p7tvWdaBMwkYer7hl 4+JSXe6MBo4npe1jgiYmnZNAqOAsX9u+daHcBra01

Re: ID theft -- so what?

2005-07-15 Thread James A. Donald
transfers take place over non internet networks, and rely on non internet identity. Inevitably, this will change, and that change will both necessitate, and be based on, the use of public key cryptography. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: ID theft -- so what?

2005-07-16 Thread James A. Donald
will not last nearly so long. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Fa1OKlHyGdiwEhSvi7sXvTo92wIBZ573qPLTCeLo 4TtZu3a5eWXjqK4Ol9jEIvUqnJ22YwURQUJdaf5xF - The Cryptography Mailing

Cross logins

2005-08-03 Thread James A. Donald
James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG kwlCI6Mq0EaMdsYIBsG4HSSU/4ClkoGzJaqI/la0 4fWyITvZRCkgtoqZc3tjKLElzZH7CStTwrq8OxcvR - The Cryptography Mailing List Unsubscribe by sending

Re: Cross logins

2005-08-05 Thread James A. Donald
-- James A. Donald Is it possible for two web sites to arrange for cross logins? Steve Furlong Does this question have a practical end in mind? If so, can you simplify matters by running both web sites on the same host? The situation envisaged is that A.com is known to B.com

Re: [Clips] The summer of PKI love

2005-08-12 Thread James A. Donald
, then the adversary has control of the token, even though the rightful user retains physical control of the token. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG k8jT9lI+qnD2l9zmgoEnD1dREI6nEAq21MKjTBy2 4l82lryIH7nTP4rjhCMmKYcuZkd3xQSd8Mtpt1S8d

Re: The summer of PKI love

2005-08-12 Thread James A. Donald
, is near zero and seems unlikely to change. PGP has substantially superior penetration. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 5l+2/VgKKsZ7L2MtEJUMxtB3jqOuld2RYZgm3QcV 4HS67bQDIU6jSwHy8CH7u3qvqnY5XGqLUbRMG5mgy

Re: Another entry in the internet security hall of shame....

2005-08-29 Thread James A. Donald
it by their browsers, but it does not give the protection intended, because people do what is necessary to avoid being nagged by browsers, not what is necessary to be secure. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG mQ0rM7wYdVTuoeMRUcrpDc1V9pUqhEgUmJMtyCZZ

Re: Another entry in the internet security hall of shame....

2005-08-29 Thread James A. Donald
Also petnames need to be linked to favorites. When you are on a site that is on your favorites list, you should see that it is on your favorites list. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG /RwA4zRnu4D2L0mSgGcsMv2Z3UGRcRDZnsqwkzh0

Re: Another entry in the internet security hall of shame....

2005-08-31 Thread James A. Donald
party that they know that secret without revealing it. If that's indeed so, wouldn't this have key management and storage issues that PK was designed to prevent in the first place? But does not, in fact, prevent. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: Another entry in the internet security hall of shame....

2005-09-11 Thread James A. Donald
it. For PKI to have all these wonderful benefits, everyone needs his own certificate. But the masses have not come to the party, in part because of the rather Orwellian requirements. Obviously I cannot get a certificate testifying that I am the one true James Donald, because I probably am not. So I

Re: ECC patents?

2005-09-13 Thread James A. Donald
are just blowing smoke. It has been a long time, and no one has paid out money on an ECC patent yet. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG T2A5LZ0emoxvUB9mpzAbsQaP6ZNjQpWobkfHEPls 4o11NuYw0FpVl962xoPzHTvBwM2AkgESWNKRblf9u

Re: Is there any future for smartcards?

2005-09-13 Thread James A. Donald
: : : : Installation Security warning: Unable to : : verify supplier. Continue anyway? Y/N Seems to me that the phone designers have done a better job with virus, worm, and malware resistance than Microsoft or Linux. Teenagers are pretty sophisticated. --digsig James A. Donald 6YeGpsZR

Re: Is there any future for smartcards?

2005-09-13 Thread James A. Donald
-- James A. Donald: Typical worm installation [on a smartphone] goes like this: : : Receive message via bluetooth from : : unnamed device? Y/N : : : : Installation Security warning: Unable to : : verify supplier. Continue anyway? Y/N Eugen Leitl It's just a networked

RE: ECC patents?

2005-09-17 Thread James A. Donald
at least the other six NIST curves as well, and most likely the other twelve. The three curves that are licensed look different from the other twelve, though I have no idea of the significance of this, if any. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: Clearing sensitive in-memory data in perl

2005-09-17 Thread James A. Donald
strings where they must be non const. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG nsfA32EGEKM0cU+MepqW0siOwFXqhO6L4ObDt/5P 4n7mr1z57RP4q1W6q39DjzRerUpSJz4w3SYQPtVCh

On Digital Cash-like Payment Systems

2005-10-26 Thread James A. Donald
Date sent: Tue, 25 Oct 2005 00:38:36 +0200 To: cyphrpunk [EMAIL PROTECTED] Copies to: John Kelsey [EMAIL PROTECTED], Ian G [EMAIL PROTECTED], [EMAIL PROTECTED], cryptography@metzdowd.com, [EMAIL PROTECTED] From: [EMAIL

Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread James A. Donald
, and provides a secure channel to the user. So secrets representing ID, and secrets representing value, can only be manipulated by the software that is supposed to be manipulating it. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: HTTPS mutual authentication alpha release - please test

2005-11-07 Thread James A. Donald
-- It seems to me that mutual authentication is pretty much irrelevant to HTTPS and certificates. You mutually authenticate by both knowing the password, as in SPEKE. Of course, SPEKE is patented, so is this scheme a way of getting around the patents? --digsig James A. Donald

How broad is the SPEKE patent.

2005-11-09 Thread James A. Donald
on a weak passphrase? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG c3YaEtPqVbOMIjHk3eId6UngzMgXPFWqhwk9daye 4S2HlmFAZeCAhYaaxiPBSR5+8yf8Wwqy+gi8rWY6f - The Cryptography Mailing

RE: How broad is the SPEKE patent.

2005-11-10 Thread James A. Donald
, not the web page, must set up and verify the password. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG FtM0KMPHrqFLxpaSShaR05Rlxb8CnxF4pHnz9Yqy 4RHOMGs4NJv8heDXAxtfYQ4sYI82tcElZ5wJ4qgvc

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-07 Thread James A. Donald
be transparently gatewayed to email as we know it. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG EHhbMLsVYHKM99sSClQYV0/o/XVA5PN4UrXpsU0v 4ca9QRhhmxSqwOK6ef12X8jbDKTR/AMD0r8RQzn9j

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-08 Thread James A. Donald
-- James A. Donald: We can, and should, compare any system with the attacks that are made upon it. As a boat should resist every probable storm, and if it does not it is a bad boat, an encryption system should resist every real threat, and if it does not it is a bad encryption

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-08 Thread James A. Donald
that this is because true names don't really address the issue of true relationships. Does anyone have any market research information as to why phishing targets generally send out plain mail? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-09 Thread James A. Donald
relationship between two people that know and trust each other. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG FYVMooN6NmFglw4lbAf5aNMCV9JMCU/ozMfXJMgI 4WWQ2pQAOpm3Ttro+Ga5AcJIyW4/gefQzmeVWEsPN

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-09 Thread James A. Donald
-- James A. Donald: We can, and should, compare any system with the attacks that are made upon it. As a boat should resist every probable storm, and if it does not it is a bad boat, an encryption system should resist every real threat, and if it does

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-12 Thread James A. Donald
-- James A. Donald wrote: However, the main point of attack is phishing, when an outsider attempts to interpose himself, the man in the middle, into an existing relationship between two people that know and trust each other. Anne Lynn Wheeler [EMAIL PROTECTED] in the traditional

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-12 Thread James A. Donald
. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG gvDLBPaNQFZ3Y0yhzmO2KnYEKGolt9E+eey2rPxE 4bGpW6AUGiMGbJFzaXJ8QcBY0HMhbypcque+5LrMd - The Cryptography Mailing List Unsubscribe

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-12 Thread James A. Donald
for public keys. After all these years, we still do not have a good fit between the capabilities of the technology, the usability of the interface, and the problems people need solved. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG X1okruQ3BE

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-12 Thread James A. Donald
serves any useful purpose. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG ca4N69sv32Q/plWYe5BnvcydTDFaMVJkZ0rPbVp6 4CRaaWK8UP3bCPHDbDzuPW7zEKImu5L9x7RUMIrbG

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-12 Thread James A. Donald
form of shared secret - their credit card number - the password whereby they login to their mail server. Therefore, whenever a user communicates anything to anyone, it should be secure, but it is not. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: crypto for the average programmer

2005-12-12 Thread James A. Donald
Date sent: Mon, 12 Dec 2005 00:41:13 -0600 From: Travis H. [EMAIL PROTECTED] To: cryptography@metzdowd.com Subject:crypto for the average programmer In Peter Gutmann's godzilla cryptography tutorial, he has some really good

RE: crypto for the average programmer

2005-12-12 Thread James A. Donald
was not the same as the problems that other standards solve. You should, however, never roll your own damned standard without good reason. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG TXXgVeLZjViyf6+f7NQt7WCs7MzxO/j25GYLXcEg 4js14nleizkni3mC38n

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-16 Thread James A. Donald
telling customers to conform to designer procedures. This has not had much success in the past. People using PGP in practice verify keys out of band, not through web of trust. People using https tend to click through. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: Crypto and UI issues

2005-12-16 Thread James A. Donald
name is a deep and difficult question, and one that people have little patience for when trying to log in. We are overloaded with names, with the result that true names are of limited value in ascertaining true relationships. --digsig James A. Donald 6YeGpsZR+nOTh

Re: Crypto and UI issues

2005-12-18 Thread James A. Donald
-- James A. Donald Let us imagine that SSH had certified keys. Well, certifying a key is bound to be complicated, and things are bound to go wrong, and the name that you bind it to is bound to be somewhat shifty. Ben Laurie I don't see why that would happen all that much

Re: browser vendors and CAs agreeing on high-assurance certificates

2005-12-18 Thread James A. Donald
, nor have I ever heard of such an attack. If no attacks, this is just an excuse for higher priced holy water, an attempt to alter the Browser interface to increase revenue, not increase security - to solve the CA's problem, not solve the user's problem. --digsig James A. Donald

Re: browser vendors and CAs agreeing on high-assurance certificates

2005-12-18 Thread James A. Donald
many names. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG CS4AkcyJ2ZhuZtOouD5yH0AnqodmyrqySuYZgRXQ 4Y1XkuPvMRrV9M2owdKcEoRRGZzIuxUqEcgxLcPX7 - The Cryptography Mailing List

Re: Crypto and UI issues

2005-12-19 Thread James A. Donald
-- James A. Donald: My two most recent logins were with First National Bank of Omaha and Your IBM Savings plan Is firstnational.com the same entity as First National Bank of Omaha? Is https://lb22.resources.hewitt.com; the same entity as Your IBM Savings plan From: Ben

Re: browser vendors and CAs agreeing on high-assurance certificates

2005-12-22 Thread James A. Donald
, we will never succeed in explaining to users that https://atbbr.bankofadelaide.com is safe while https://bankofadelaide.atbbr.com is unsafe. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 7lvFKmh9CI9ZQfYIy78zI4N2dRYic3ejlTGQRoao 4R5oEEaOy

Re: RNG quality verification

2005-12-27 Thread James A. Donald
where these random numbers ultimately come from. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 5i5rAiu+t+UqxlCHKBfiAn24UbuH1D2GsYrL3hv7 4q7w1mi+V9whucgThiyHnkPt0EkjS1oIAp9hQ1UKc

Re: X.509 / PKI, PGP, and IBE Secure Email Technologies

2005-12-27 Thread James A. Donald
the fact that domain name theft is a major problem. OpenSRS is good but their resellers a very bad. Unfortunately by default, one winds up having the same password with OpenSRS as with the reseller. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: ADMIN: end of latest SSL discussion

2005-12-28 Thread James A. Donald
-TLS-OpenSSL This also requires that establishing a relationship, and verifying a shared secret, should be part of the browser chrome, rather than a particular application of generic web forms. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 8epIQqxZ

PKCS to XML?

2006-01-03 Thread James A. Donald
, but that is not quite the same thing. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG x7HSdxkv/c2zoTJF7n9vrmNpEhiSFAXRD6FAlbcM 4KYwEbsOwZRupedV+quY2YciDAmLaxyYeulIr8mLr - The Cryptography Mailing

Re: RNG quality verification

2006-01-03 Thread James A. Donald
to observe directly. One must study what goes in, not what goes out. For any test, ask yourself this: If the source of random numbers was the current time, hashed with SHA and a sixteen bit fixed code, would your test show any problem? --digsig James A. Donald 6YeGpsZR+nOTh

Unforgeable dialog.

2006-01-31 Thread James A. Donald
is to take advantage of the only-one-popup rule for untrusted web pages, by popping up two related overlapping dialogs which hold a fixed position relative to each other - which visually is a sort of non rectangular dialog. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: Unforgeable dialog.

2006-02-08 Thread James A. Donald
, indistinguishable from those used by phishers. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 2nR74Yxw4lhrh+CUYfGSzn2lhDblXe27MD4Hb6/i 47hSn6z18XB2taOFnq+uHQwDG2WEDYsgB8vYgSlkv

Re: GnuTLS (libgrypt really) and Postfix

2006-02-14 Thread James A. Donald
is in fact achievable for really crucial applications. The more crucial the application, the more reason to write code that halts on error. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Cau3evB8n2DnP2D8ej3FHKKnKnMeseK65pUDF346

Re: GnuTLS (libgrypt really) and Postfix

2006-02-14 Thread James A. Donald
James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG Ywzx2XsxbvPNX+eeGZVUpnq16108eQo1eBvq8K1I 46HVM7avhGKHTF4Y1SqhFSUdIsTlbJvpXX43jkvQP - The Cryptography Mailing List Unsubscribe by sending

Re: GnuTLS (libgrypt really) and Postfix

2006-02-15 Thread James A. Donald
such, there are better methods than testing. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG EQ0NuuGe3F81FVYLaVzuREVIM95sviNDw7cku0j6 4MEZw0qU0NMPYTNTSCMcjRi7wZSGRo06TUwlSmzr8

Re: GnuTLS (libgrypt really) and Postfix

2006-02-15 Thread James A. Donald
abort. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG yT/vxBNSRjFYGpU6iWTY1tvxDKTWkDa9wubFEmYD 40btwbJ8sjQGTu/vmkD4fjY1gud+1641iRf+Uq+Pb - The Cryptography Mailing List Unsubscribe

Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-03-10 Thread James A. Donald
, but that they were writing for a more trusting and trustworthy world. Today, we have to do things differently. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG PRRq2Za8iG5qzD2wX3ug3xGXEWyekUqHQTZAspUQ 4Mjw8nFOqtf9erylBgQZo+5aUTVPzgKVdij0TQUDs

Is AES better than RC4

2006-05-23 Thread James A. Donald
, and no new ones have turned up for some time, nor does it seem likely that they will. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG aMGHaG1NbogokuNeDdZ0lhGIuup5dcnanNmv/M3z 4bFF4Yq8bD+vAGqsKwFG62Fy4ZEiJb+gVrl+FMJjh

Re: Is AES better than RC4

2006-05-24 Thread James A. Donald
-- James A. Donald AES is new, and people keep claiming progress towards breaking it, without however, so far producing any breaks. RC4 is old and has numerous known weaknesses, which are tricky to code around, and have caught many an implementor - notice for example Wifi

Re: Is AES better than RC4

2006-05-24 Thread James A. Donald
-- Joseph Ashwood wrote: RC4 should have been retired a decade ago, Why? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG pvLUSroPw35whI+/0Tq1IYPZh/GDEidGMu+4KvZc 4zyBqLBt4fFho62NSUZuECGjiLrFpqppx7lXuvebv

Re: Status of opportunistic encryption

2006-05-30 Thread James A. Donald
the DNS system. After all, we have not fixed or replaced PKI, despite the enormous phishing attack that renders it useless and irrelevant, so we are going to be slower still fixing DNS. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG cwXK8++rEMivkYVd

Status of SRP

2006-05-30 Thread James A. Donald
The obvious solution to the phishing crisis is the widespread deployment of SRP, but this does not seem to happening. SASL-SRP was recently dropped. What is the problem? - The Cryptography Mailing List Unsubscribe by sending

Re: Status of SRP

2006-06-01 Thread James A. Donald
problems including password capture and dictionary attack, and for the authentication part i chose SRP. So that's one place it's getting used, anyway. Cannot find a web page that presents passpet. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: Status of SRP

2006-06-01 Thread James A. Donald
-- James A. Donald wrote: The obvious solution to the phishing crisis is the widespread deployment of SRP Lance James I disagree here, I don't think this will stop phishing for many reasons. Please explain how it would. It will stop man-in-the-middle attacks on the protocol

Re: Status of SRP

2006-06-01 Thread James A. Donald
, it doesn't matter because today, we must assume that the client is thoroughly compromised, which means that entering passwords over SRP isn't safe, either. That is an all purpose argument that is deployed selectively against some measures and not others. --digsig James A. Donald

Re: Status of SRP

2006-06-02 Thread James A. Donald
- by supplying non cryptographic evidence of an existing relationship. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG O37xiq0aPJeqGc7fQTWWTY85hPPktIPGAwbDifVD 4bDTmZTlI9gWsmLu9xhSdisgc26xogVtQOnIi5/DI

Re: Status of SRP

2006-06-02 Thread James A. Donald
does not require competent web masters, who tend to be in short supply. When do you hope to release an actual working passpet? --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 2XJ1hBQB4Lh88oartvxNB9R47imTGm9ijr/vCQ5S 4tw2qTJbgf91cRjr3IilUO

Re: Status of opportunistic encryption

2006-06-02 Thread James A. Donald
-- James A. Donald: My understanding is that SSH when using GSS KEX does not cache the keys, which strikes me as a amazingly stupid idea, Victor Duchovni No, that's the whole point. What works for the individual administering 10 machines, does not scale to organizations with hundres

Re: Status of SRP

2006-06-03 Thread James A. Donald
be fixed. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG K0DkzvBcnUAkU1t725Cg9Fmh6awjA9b9S8SmmanA 4HYHXPVEWxmojVTOmRDh7L/Eu6KRWMz3WCh5tL2Eq - The Cryptography Mailing List

  1   2   3   4   >