Re: New toy: SSLbar

2003-07-02 Thread Barney Wolff
certs more often than sshd changes host keys? Given how much crap browsers cache already, this wouldn't seem to add much. Of course it wouldn't help when using a public client host, but anybody doing that for confidential web access is wide open anyway. -- Barney Wolff http

Re: Monoculture

2003-10-01 Thread Barney Wolff
even added a self-signed server cert under IE with no trouble or inconvenience. (Yes it did ask whether to accept the site's cert.) -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net

Re: Reliance on Microsoft called risk to U.S. security

2003-10-02 Thread Barney Wolff
vendor whose security model is all but impossible to fathom, so I'm not at all disagreeing with your point. I use Mutt. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net

Re: Israeli coders, Arab testers

2004-04-01 Thread Barney Wolff
to penetration tests, which is why hiring former felons to do it is not risk-free. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. - The Cryptography

Re: DRM of the mirror universe

2004-04-14 Thread Barney Wolff
, what prevents the user from presenting false data? The only data I can't lie about is what I generate as a side-effect of something else, for example a click-stream. But that's already available reliably to the server(s) now, without DRM. -- Barney Wolff http://www.databus.com