On Jan 9, 2004, at 8:06 PM, Rich Salz wrote:
dave kleiman wrote:
Because the client has a Certificate Revocation Checking function
turned on
in a particular app (i.e. IE or NAV).
I don't think you understood my question. Why is crl.verisign.com
getting overloaded *now.* What does the
On May 27, 2004, at 12:35 PM, John Kelsey wrote:
Does anyone know whether the low-power nature of wireless LANs
protects them from eavesdropping by satellite? Is there some simple
reference that would easily let me figure out whether transmitters at
a given power are in danger of eavesdropping
On Wed, 1 Dec 2004, Anne Lynn Wheeler wrote:
the other attack is on the certification authorities business process
Note that in a fair number of Certificate issuing processes common in
industry the CA (sysadmin) generates both the private key -and-
certificate, signs it and then exports both
On Wed, 8 Jun 2005, Perry E. Metzger wrote:
Dan Kaminsky [EMAIL PROTECTED] writes:
Yes, because key management is easy or free.
Eh - my experience is that that is where 99% of the cost is - in the whole
human procedures and vetting around it. The paper work, the auditing,
dealing with
On Tue, 5 Jul 2005 [EMAIL PROTECTED] wrote:
(currently in Boston, MA, after giving fingerprints at the
airport immigration)
And you may have then noticed the interesting effect; in Germany we have
mandatory cards - carry them round always - but virtually have to show
them. And only to
On Mon, 24 Oct 2005, cyphrpunk wrote:
Is it possible that Skype doesn't use RSA encryption? Or if they do,
do they do it without using any padding, and is that safe?
You may want to read the report itself:
http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf
and
On Wed, 23 Jan 2008, Leichter, Jerry wrote:
well be prior art, but the idea of erasing information by deliberately
discarding a key is certainly not completely obvious except in
retrospect. If you look at any traditional crypto text, you won't
Hmm - it is commonly mentioned that (early)
On Mar 16, 2008, at 12:32 PM, Ben Laurie wrote:
[EMAIL PROTECTED] wrote:
So at the company I work for, most of the internal systems have
expired SSL certs, or self-signed certs. Obviously this is bad.
You only think this is bad because you believe CAs add some value.
SSH keys aren't
On Mar 16, 2008, at 7:52 PM, Ben Laurie wrote:
Dirk-Willem van Gulik wrote:
So I'd argue that while x509, its CA's and its CRL's are a serious
pain to deal** with, and seem add little value if you assume avery
diligent and experienced operational team -- they do provide a
useful
On Wed, 4 Jun 2008, Perry E. Metzger wrote:
I'm thinking of starting a CA that sells super duper enhanced
security certs, where we make the company being certified sign a
document in which they promise that they're absolutely trustworthy.
To be really sure, we'll make them fax said document
On 30 Jul 2008, at 19:57, Pierre-Evariste Dagand wrote:
But just how GREAT is that, really? Well, we don'
t know. Why? Because there isn't actually a way test for
randomness. Your
DNS resolver could be using some easily predicted random number
generator
like, say, a linear congruential
On 30 Jul 2008, at 21:33, Ben Laurie wrote:
For sure, it would be better if we could check the source code and
match the implemented RNG against an already known RNG.
But, then, there is a the chicken or the egg problem: how would you
ensure that a *new* RNG is a good source of randomness ?
... discussion on CA/cert acceptance hurdles in the UI
I am just wondering if we need a dose of PGP-style reality here.
We're really seeing 3 or 4 levels of SSL/TLS happening here - and whilst
they all appear use the same technology - the assurances, UI,
operational
regimen,
Been looking at the Telnic (dev.telnic.org) effort.
In essence; NAPTR dns records which contain private details such as a
phone number. These are encrypted against the public keys of your
friends (so if you have 20 friends and 3 phone numbers visible to all
friends - you need 20 subdomains
On 8 Dec 2008, at 22:43, David G. Koontz wrote:
JOHN GALT wrote:
StealthMonger wrote:
This may help to explain the poor uptake of encrypted email. It
would
be useful to know exactly what has been discovered. Can you provide
references?
The iconic Paper explaining this is Why Johnny
Weger, B.M.M. de wrote:
- if they rely on the CA for signing CRLs (or whatever
revocation mechanism they're using) then they have to find
some other way to revoke existing certificates.
...
Seems to me that for signing CRLs it's better to have a separate
Revocation Authority (whose
On 19 Apr 2010, at 23:29, Massimiliano Pala wrote:
Hi all,
I was wondering if any of you have some pointers on the security of
watermarking. In particular I am interested in public-key or asymmetric
watermarking algorithms.
Also, do you know of any free-to-use (opensource/etc.)
Op 6 sep. 2013, om 01:09 heeft Perry E. Metzger pe...@piermont.com het
volgende geschreven:
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
….
The Suite B curves were picked some time ago. Maybe they have problems.
….
Now, this certainly was a problem for
Op 13 sep. 2013, om 21:23 heeft Perry E. Metzger pe...@piermont.com het
volgende geschreven:
On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl eu...@leitl.org
wrote:
Why e.g. SWIFT is not running on one time pads is beyond me.
I strongly suspect that delivering them securely to the vast
Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker hal...@gmail.com het
volgende geschreven:
Let us say I want to send an email to al...@example.com securely.
...
ppid:al...@example.com:example.net:Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM
...
example.net is a server which will resolve
Op 20 sep. 2013, om 14:55 heeft Phillip Hallam-Baker hal...@gmail.com het
volgende geschreven:
On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik di...@webweaving.org
wrote:
Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker hal...@gmail.com het
volgende geschreven:
Let us say
Op 30 sep. 2013, om 05:12 heeft Christoph Anton Mitterer
cales...@scientia.net het volgende geschreven:
Not sure whether this has been pointed out / discussed here already (but
I guess Perry will reject my mail in case it has):
https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3
Op 1 okt. 2013, om 17:59 heeft Jerry Leichter leich...@lrw.com het volgende
geschreven:
On Oct 1, 2013, at 3:29 AM, Dirk-Willem van Gulik di...@webweaving.org
wrote:
...I do note that in crypto (possibly driven by the perceived expense of too
many bits) we tend to very carefully observe
23 matches
Mail list logo
