Hal Finney wrote: I thought of one possible mitigation that can protect OpenID end users against remote web sites which have not patched their DNS. OpenID providers who used weak OpenSSL certs would have to change their URLs so that their old X.509 CA certs on their old URLs no longer work on
It seems like enough time has passed to post publicly, as some of these are now common knowledge: Ben Laurie wrote: William Allen Simpson wrote: Keep in mind that the likely unpredictability is about 2**24. In many or most cases, that will be implementation limited to 2**18 or less. Why?
yet another proprietary symmetric cipher ? http://www.pureentropy.com ... Encryption Security Solutions provides unprecedented encryption security, efficiency, and performance for business applications ensuring critical information is secure. Encryption Security Solutions, LLC (ESÂ²) has
It seems that US judges aren't as protective of speech rights as Dutch ones. Las Vegas - Three students at the Massachusetts Institute of Technology (MIT) were ordered this morning by a federal court judge to cancel their scheduled presentation about vulnerabilities in Boston's
On Sat, 09 Aug 2008 17:11:11 -0400, Perry E. Metzger [EMAIL PROTECTED] wrote: Las Vegas - Three students at the Massachusetts Institute of Technology (MIT) were ordered this morning by a federal court judge to cancel their scheduled presentation about vulnerabilities in
these have been circulating for hours, but they are content-free title slides... [Moderator's note: I've read them and they're far from content free. They give you a recipe for doing things like rewriting the mag stripes on stored value cards to give you arbitrary balances, and they even