Tom Weinstein wrote:
The economic view might be a reasonable view for an end-user to take,
but it's not a good one for a protocol designer. The protocol designer
doesn't have an economic model for how end-users will end up using the
protocol, and it's dangerous to assume one. This is
Perry E. Metzger [EMAIL PROTECTED] writes:
TLS is just a pretty straightforward well analyzed protocol for protecting a
channel -- full stop. It can be used in a wide variety of ways, for a wide
variety of apps. It happens to allow you to use X.509 certs, but if you
really hate X.509, define an
Hi,
It's possible I may be reinventing the wheel here, so my apologies if
that's so, but it occurs to me that there's a defence against an offline
dictionary attack on an encrypted file. Here's what I mean: Say you have
a file, and you want to keep it secret. What do you do? Obviously you
Intel has just announced a desktop motherboard with Wave's Embassy chip built
in at http://www.intel.com/design/motherbd/rh/index.htm. Embassy is a DRM
chip that was more recently re-targeted slightly for, uhh, non-DRM
TCPA/TPM/whatever when they realised that DRM hardware was a bit of a hard
- Original Message -
From: Tom Otvos [EMAIL PROTECTED]
As far as I can glean, the general consensus in WYTM is that MITM attacks
are very low (read:
inconsequential) probability.
I'm not certain this was the consensus.
We should look at the scenarios in which this is possible, and
Internet groups starts anit-hacker initiative
http://www.computerweekly.com/articles/article.asp?liArticleID=125823liArti
cleTypeID=1liCategoryID=2liChannelID=22liFlavourID=1sSearch=nPage=1
one of the threats discussed in the above is the domain name ip-address
take-over mentioned previously
At 07:11 PM 10/22/03 -0400, Perry E. Metzger wrote:
Indeed. Imagine if we waited until airplanes exploded regularly to
design them so they would not explode, or if we had designed our first
suspension bridges by putting up some randomly selected amount of
cabling and seeing if the bridge
http://www.fcw.com/fcw/articles/2003/1020/web-fbca-10-22-03.asp
Digital certificate clearinghouse needs work
The mechanism that allows a digital certificate to be used across
government agencies must be upgraded before it will be available for the
entire government, a federal information
I'm not sure how you come to that conclusion. Simply
use TLS with self-signed certs. Save the cost of the
cert, and save the cost of the re-evaluation.
If we could do that on a widespread basis, then it
would be worth going to the next step, which is caching
the self-signed certs, and
I wonder if the DMCA (why do those initials bring to mind a song by
The Village People?) isn't invoking Gresham's Law? Gresham's Law says
bad money drives out good, but it only applies when there is a legal
tender law. Such a law requires that all money be treated equally --
as legal tender for
--- begin forwarded text
Status: U
To: [EMAIL PROTECTED]
Date: Mon, 27 Oct 2003 16:37:55 +0100 (CET)
From: [EMAIL PROTECTED] (Dr. Robert J. Harley)
Subject: Re: Certicom? [...] [Fwd: NSA Turns To Commercial Software For
Encryption]
List-Id: Friends of Rohit Khare fork.xent.com
--- begin forwarded text
Status: U
Date: Fri, 24 Oct 2003 11:35:52 -0400
To: Philodox Clips [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: PGP Corporation Announces Release of PGP Desktop 8.0.3
Reply-To: Philodox Clips [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
--- begin forwarded text
Status: U
Date: Fri, 24 Oct 2003 11:44:39 -0400
To: Philodox Clips [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: Certicom Sells Licensing Rights to NSA
Reply-To: Philodox Clips [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
List-Subscribe:
http://dynamic.washtimes.com/print_story.cfm?StoryID=20031026-124606-8419r
The Washington Times
www.washingtontimes.com
'Smart stamps' next in war on terrorism
By Audrey Hudson
Published October 26, 2003
Sending an anonymous love letter or an angry note to your congressman?
The U.S. Postal
For some updated news about NGSCB, aka Palladium, go to the Microsoft
NGSCB newsgroup page at
http://communities.microsoft.com/newsgroups/default.asp?icp=ngscbslcid=us.
This might be a good forum for cypherpunks to ask questions about
Palladium.
There was a particularly informative posting by
15 matches
Mail list logo