On Thu, 26 Sep 2013, ianG wrote:
> Right, scratch the Brits and the French. Maybe AU, NZ? I don't know.
> Maybe the Germans / Dutch / Austrians.
At the risk of getting political, I'd recommend against AU (I live there).
Our new gummint has already shown that it will put its own interests ahea
> And the problem appears to be compounded by dofus legacy implementations
> that don't support PFS greater than 1024 bits. This comes from a
> misunderstanding that DH keysizes only need to be half the RSA length.
>
> So to go above 1024 bits PFS we have to either
>
> 1) Wait for all the servers
- Forwarded message from zooko -
Date: Fri, 27 Sep 2013 00:08:32 +0400
From: zooko
To: Michael Rogers
Cc: Randombit List
Subject: Re: [cryptography] Asynchronous forward secrecy encryption
User-Agent: Mutt/1.5.21 (2010-09-15)
Let me just mention that this conversation is AWESOME. I on
On Wed, Sep 25, 2013 at 7:18 PM, Peter Gutmann wrote:
> Kristian Gjøsteen writes:
>
> >(For what it's worth, I discounted the press reports about a trapdoor in
> >Dual-EC-DRBG because I didn't think anyone would be daft enough to use it. I
> >was wrong.)
>
> +1. It's the V
http://www.nytimes.com/2013/09/27/opinion/have-a-nice-day-nsa.html
On Sep 25, 2013, at 3:14 PM, John Kelsey wrote:
> Right now, there is a lot of interest in finding ways to avoid NSA
> surveillance. In particular, Germans and Brazilians and Koreans would
> presumably rather not have their da
On Fri, Sep 27, 2013 at 3:59 AM, John Gilmore wrote:
> > And the problem appears to be compounded by dofus legacy implementations
> > that don't support PFS greater than 1024 bits. This comes from a
> > misunderstanding that DH keysizes only need to be half the RSA length.
> >
> > So to go above
On 09/25/2013 04:59 AM, Peter Gutmann wrote:
> Something that can "sign a new RSA-2048 sub-certificate" is called a CA. For
> a browser, it'll have to be a trusted CA. What I was asking you to explain is
> how the browsers are going to deal wit
On Fri, Sep 27, 2013 at 11:23:27AM -0400, Phillip Hallam-Baker wrote:
> Actually, it turns out that the problem is that the client croaks if the
> server tries to use a key size that is bigger than it can handle. Which
> means that there is no practical way to address it server side within the
> c
On 09/27/2013 05:30 AM, james hughes wrote:
> The thing that this list can effect is the creation of standards with
> a valuable respect for Moore's law and increases of mathematical
> understanding. Stated differently, "just enough security" is the
> problem. This past attitude did not respect
On 27/09/13 18:23 PM, Phillip Hallam-Baker wrote:
> Problem with the NSA is that it's Jekyll and Hyde. There is the good side
> trying to improve security and the dark side trying to break it. Which
> side did the push for EC come from?
What's in Suite A? Will probably illuminate that question...
On 2013-09-28 01:23, Phillip Hallam-Baker wrote:
> Most cryptolibraries have a hard coded limit at 4096 bits and there
> are diminishing returns to going above 2048. Going from 4096 to 8192
> bits only increases the work factor by a very small amount and they
> are really slow which means we end up w
On 2013-09-27 09:54, Phillip Hallam-Baker wrote:
> Quite, who on earth thought DER encoding was necessary or anything
> other than incredible stupidity?
> I have yet to see an example of code in the wild that takes a binary
> data structure, strips it apart and then attempts to reassemble it to
> pas