On Sunday 08 June 2003 06:11 pm, martin f krafft wrote:
> also sprach James A. Donald <[EMAIL PROTECTED]> [2003.06.08.2243 +0200]:
> > (When you hit the submit button, guess what happens)
>
> How many people actually read dialog boxes before hitting Yes or OK?
It's slightly more subtle. The actio
At 18:03 08/06/2003 -0400, Tim Dierks wrote:
- Get browser makers to design better ways to communicate to users that
UI elements can be trusted. For example, a proposal I saw recently which
would have the OS decorate the borders of "trusted" windows with facts or
images that an attacker wouldn
Hi,
It seems to me that the possibilty that spammers might harvest PGP
keyservers for email addresses is a serious disincentive to using
keyservers. Does anyone have any thoughts on this?
Jill
-
The Cryptography Mailing List
Un
Dear Colleagues,
This is a (late) invitation to attend PODC 2003, July 13-16, Boston, MA.
PODC (Principles of Distributed Computing) is the leading conference on
distributed computing and algorithms. This conference is a great
opportunity for interaction and cooperation between security/crypto
Seems another record has been set in the quantum key agreement race
http://www.vnunet.com/News/1141438
This time the distance is 100km
I'm constantly baffled about how the media embraces these news, just
look at the title "Hack-proof".
*sigh*
This isn't quantum *cryptography*, its agreement
On Mon, 9 Jun 2003 [EMAIL PROTECTED] wrote:
> Hi,
>
> It seems to me that the possibilty that spammers might harvest PGP
> keyservers for email addresses is a serious disincentive to using
> keyservers. Does anyone have any thoughts on this?
Solution: Have two addresses, a "secure" and "non-sec
Ah, but surely there's a problem with this idea? If you communicate with me
in the clear, you will know my email address to be
"[EMAIL PROTECTED]". If you hit the reply button following a
communication with me, your message will reach me. BUT - if you then decide
that you want to communicate with
>Yuan, Ye and Smith, Trusted Path for Browsers, 11th Usenix security symp,
>2002.
Minor nit: just Ye and Smith. (Yuan had helped with some of the spoofing)
Advertisement: we also built this into Mozilla, for Linux and Windows.
http://www.cs.dartmouth.edu/~pkilab/demos/countermeasures/
--Sean
[EMAIL PROTECTED] writes:
> My first thought is to generate a new (secure) email address which includes
> the old (insecure) address as a substring (for example
> "[EMAIL PROTECTED]"). Will this work? I don't know enough about
> keyservers to know the answer to that one.
I don't know about all pgp
At 11:51 AM 6/9/03 +0100, [EMAIL PROTECTED] wrote:
>Hi,
>
>It seems to me that the possibilty that spammers might harvest PGP
>keyservers for email addresses is a serious disincentive to using
>keyservers. Does anyone have any thoughts on this?
Why not publish your key under a bogus name that goe
Re: Martin's comments
> even so, whether you do or not, taken in account that do you have your
> fingerprints memorized...
>
> http://www.thc.org/thc-ffp/
>
>
> - Original Message -
> From: "martin f krafft" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> Sent: Sun
On Mon, 9 Jun 2003 [EMAIL PROTECTED] wrote:
> Hi,
>
> It seems to me that the possibilty that spammers might harvest PGP
> keyservers for email addresses is a serious disincentive to using
> keyservers. Does anyone have any thoughts on this?
>
There are plenty of sources from which harvest email
http://csrc.nist.gov
June 6, 2003 -- The National Institute of Standards and Technology
(NIST) has been developing a block cipher mode of operation for message
authentication. From the authentication modes that were submitted to
NIST for consideration, NIST initially selected the RMAC algorithm a
DIMACS Tutorial on Computer Security
August 4 - 7, 2003
DIMACS Center, CoRE Building, Rutgers University
Organizer:
Rebecca Wright
Stevens Institute of Technology
[EMAIL PROTECTED]
Presented under the auspices of the Special Focus on Communication
Security and Information Pri
I'm thinking of adding OMAC to LibTomCrypt however I have a question
not resolved in the paper [or at least I didn't see it]. What is the
standard for computing u^-1 [L * x^-1 specifically] for arbitrary block
sizes?
I would have simply used a shift code .e.g.
L2 = L1 xor (L1 << 1)
Or some
> I keep posting "you cannot do this using https", and people keep
> replying "yes you can"
I think there's two separate problems here. One is domain squatting.
I've seen lots of phishes from domains like paypal-confirm.com (which
is registered to someone in Pakistan.) It is truly pitiful that w
Amir Herzberg <[EMAIL PROTECTED]> writes:
>Ka Ping Yee, User Interface Design for Secure System, ICICS, LNCS 2513, 2002.
Ka-Ping Yee has a web page at http://zesty.ca/sid/ and a lot of interesting
things to say about secure HCI (and HCI in general), e.g. a characterisation
of safe systems vs. gen
17 matches
Mail list logo