Re: Maybe It's Snake Oil All the Way Down

2003-06-04 Thread Ian Grigg
Tim Dierks wrote: At 09:11 AM 6/3/2003, Peter Gutmann wrote: Lucky Green [EMAIL PROTECTED] writes: Given that SSL use is orders of magnitude higher than that of SSH, with no change in sight, primarily due to SSL's ease-of-use, I am a bit puzzled by your assertion that ssh, not SSL, is

Re: Session Fixation Vulnerability in Web Based Apps

2003-06-17 Thread Ian Grigg
Ben Laurie wrote: James A. Donald wrote: I do not see how this flaw can be avoided unless one consciously takes special measures that the development environment is not designed or intended to support. The obvious answer is you always switch to a new session after login. Nothing

Mozilla tool to self-verify HTTPS site

2003-06-24 Thread Ian Grigg
http://sslbar.metropipe.net/ Fantastic news: coders are starting to work on the failed security model of secure browsing and improve it where it matters, in the browser. This plugin for Mozilla shows the SSL certificate's fingerprint on the web browser's toolbar. It's a small step for the

Re: Mozilla tool to self-verify HTTPS site

2003-06-24 Thread Ian Grigg
[EMAIL PROTECTED] wrote: How many users can remember MD5 checksums??? If they were rendered into something pronounceable via S/Key like dictionaries it might be more useful... You forgot this bit: It's a small step for the user, but a giant leap for userland security. It means that

Re: New toy: SSLbar

2003-06-25 Thread Ian Grigg
Steven M. Bellovin wrote: Please don't take this personally... None taken here, and I doubt that the author of the tool (who has just joined this list it seems) would take any! From a security point of view, why should anyone download any plug-in from an unknown party? In this very specific

Re: Mozilla tool to self-verify HTTPS site

2003-07-02 Thread Ian Grigg
Marc Branchaud wrote: Ian Grigg wrote: Tying the certificate into the core crypto protocol seems to be a poor design choice; outsourcing any certification to a higher layer seems to work much better out in the field. I'll reserve judgement about the significance of SSLBar, but I

Re: Fwd: [IP] A Simpler, More Personal Key to Protect OnlineMessages

2003-07-09 Thread Ian Grigg
Tim Dierks wrote: ... the fact that the private key, is, in essence, escrowed by the trusted third party, causes me to believe that this system doesn't fill an important unmet need. I'm not sure that's the case! There are some markets out there where there are some contradictory rules. By

replay integrity

2003-07-09 Thread Ian Grigg
Eric Rescorla wrote: You keep harping on certs, but that's fundamentally not relevant to the point I was trying to make, OK! which is whether or not one provides proper message integrity and anti-replay. As far as I'm concerned, there are almost no situations in which not providing those

Re: Announcing httpsy://, a YURL scheme

2003-07-16 Thread Ian Grigg
[EMAIL PROTECTED] wrote: A YURL aware search engine may find multiple independent references to a YURL, thus giving you parallel reporting channels, and increasing trust. Of course, this method differs from the YURL method for trust. The parallel channel method assigns a trust value to a site

Re: invoicing with PKI

2003-09-02 Thread Ian Grigg
(Things seem quiet on the crypto front, here's a late reply.) Hadmut Danisch wrote: Hi, On Thu, Jul 17, 2003 at 04:27:52PM -0400, Ian Grigg wrote: Does anyone know any instances of invoicing and contracting systems that use PKI and digital orders? That is, purchasing departments

Re: invoicing with PKI

2003-09-03 Thread Ian Grigg
Peter Gutmann wrote: Hadmut Danisch [EMAIL PROTECTED] writes: There was an interesting speech held on the Usenix conference by Eric Rescorla (http://www.rtfm.com/TooSecure-usenix.pdf, unfortunately I did not have the time to visit the conference) about cryptographic (real world) protocols

SSL's threat model

2003-09-06 Thread Ian Grigg
Does anyone have any pointers to the SSL threat model? I have Eric Rescorla's book and slides talking about the Internet threat model. The TLS RFC (http://www.faqs.org/rfcs/rfc2246.html) says nothing about threat models that I found. iang

Re: Is cryptography where security took the wrong branch?

2003-09-07 Thread Ian Grigg
Eric Rescorla wrote: Ian Grigg [EMAIL PROTECTED] writes: Eric Rescorla wrote: ... The other thing to be aware of is that ecommerce itself is being stinted badly by the server and browser limits. There's little doubt that because servers and browsers made poorly contrived

Re: Is cryptography where security took the wrong branch?

2003-09-07 Thread Ian Grigg
Ed, I've left your entire email here, because it needs to be re-read several times. Understanding it is key to developing protocols for security. Ed Gerck wrote: Arguments such as we don't want to reduce the fraud level because it would cost more to reduce the fraud than the fraud costs are

Re: Is cryptography where security took the wrong branch?

2003-09-07 Thread Ian Grigg
Eric Rescorla wrote: Elasticity is about how much consumption changes when price changes, not about what people who were already going to buy choose to buy. Sorry, Eric, I'm not quite with you on this... You said: Maybe, maybe not. You've never heard of price inelasticity? You haven't

Re: Code breakers crack GSM cellphone encryption

2003-09-08 Thread Ian Grigg
Trei, Peter wrote: Why the heck would a government agency have to break the GSM encryption at all? Once upon a time, it used to be the favourite sport of spy agencies to listen in on the activities of other countries. In that case, access to the radio waves was much more juicy than access to

Re: Digital cash and campaign finance reform

2003-09-08 Thread Ian Grigg
Steve Schear wrote: By combining a mandated digital cash system for contributions, a cap on the size of each individual contribution (perhaps as small as $100), randomized delays (perhaps up to a few weeks) in the posting of each transaction to the account of the counter party, it could

x9.59

2003-09-09 Thread Ian Grigg
Anne Lynn Wheeler wrote: The result is X9.59 which addresses all the major exploits at both POS as well as internet (and not just credit, but debit, stored-value, ACH, etc ... as well). http://www.garlic.com/~lynn/index.html#x959 Lynn, Whatever happened to x9.59? Also, is there a

Re: PGP makes email encryption easier

2003-09-16 Thread Ian Grigg
Eric Murray wrote: For the record, AFAIK, this approach was invented and deployed by Dr. Ian Brown as his undergraduate thesis, back in 1996 or so. Not to take anything away from Dr Brown, but I wrote something very similar to what PGP's selling for internal use at SUN in 1995 (to

The Code Book - in CD form

2003-09-21 Thread Ian Grigg
Has anyone reviewed Simon Singh's CD version of The Code Book ? = http://www.simonsingh.net/The_CDROM.html After 12 months of intense development, the interactive CD-ROM version of The Code Book is now available. I might be biased, but I think that it

Re: Who is this Mallory guy anyway?

2003-09-22 Thread Ian Grigg
someone wrote: Hiya. Dumb question. Why is the bad guy called Mallory in this thread? I always thought that traditionally the two correspondents were called Alice and Bob and that the bad guy was called Eve. (As in, short for eavesdropper?). Intercepting the bits and sending them is

Re: why are CAs charging so much for certs anyway? (Re: End of the line for Ireland's dotcom star)

2003-09-24 Thread Ian Grigg
Adam Back wrote: You'd have thought there would be plenty of scope for certs to be sold for a couple of $ / year. Excuse me? Why are they being sold per year in the first place? It's not as if there are any root servers to run! Outrageous! :-) iang

Re: Reliance on Microsoft called risk to U.S. security

2003-09-25 Thread Ian Grigg
R. A. Hettinga wrote: http://channels.netscape.com/ns/news/story.jsp?id=200309241951000228064dt=20030924195100w=RTRcoview= Reliance on Microsoft called risk to U.S. security But the security experts said the issue of computer security had more to do with the ubiquity of Microsoft's

Re: Tinc's response to Linux's answer to MS-PPTP

2003-09-28 Thread Ian Grigg
M Taylor wrote: Oh, and they fixed their flaws. SSHv1 is not recommended for use at all, and most systems use SSHv2 now which is based upon a draft IETF standard. SSL went through SSLv1, SSLv2, SSLv3, TLSv1.0, and TLSv1.1 is a draft IETF standard. It is curious, is it not, that there has

Re: Monoculture

2003-10-01 Thread Ian Grigg
Matt Blaze wrote: I imagine the Plumbers Electricians Union must have used similar arguments to enclose the business to themselves, and keep out unlicensed newcomers. No longer acceptable indeed. Too much competition boys? Rich, Oh come on. Are you willfully misinterpreting what I

Re: Monoculture

2003-10-01 Thread Ian Grigg
Don Davis wrote: EKR writes: I'm trying to figure out why you want to invent a new authentication protocol rather than just going back to the literature ... note that customers aren't usually dissatisfied with the crypto protocols per se; they just want the protocol's implementation to

Re: Monoculture

2003-10-01 Thread Ian Grigg
Perry E. Metzger wrote: ... Dumb cryptography kills people. What's your threat model? Or, that's your threat model? Applying the above threat model as written up in The Codebreakers to, for example, SSL and its original credit card nreeds would seem to be a mismatch. On the face of it,

Re: anonymous DH MITM

2003-10-01 Thread Ian Grigg
M Taylor wrote: Stupid question I'm sure, but does TLS's anonymous DH protect against man-in-the-middle attacks? If so, how? I cannot figure out how it would, Ah, there's the rub. ADH does not protect against MITM, as far as I am aware. and it would seem TLS would be wide open to abuse

Re: VeriSign tapped to secure Internet voting

2003-10-01 Thread Ian Grigg
Roy M. Silvernail wrote: On Wednesday 01 October 2003 17:33, R. A. Hettinga forwarded: VeriSign tapped to secure Internet voting The solution we are building will enable absentee voters to exercise their right to vote, said George Schu, a vice president at VeriSign. The sanctity of

Re: anonymous DH MITM

2003-10-02 Thread Ian Grigg
Steven M. Bellovin wrote: In message [EMAIL PROTECTED], Ian Grigg writes: M Taylor wrote: MITM is a real and valid threat, and should be considered. By this motive, ADH is not a recommended mode in TLS, and is also deprecated. Ergo, your threat model must include MITM, and you

crypto licence

2003-10-02 Thread Ian Grigg
Guus Sliepen wrote: Some advice on licensing wouldn't go amiss either. (GPL? ... LGPL? ... something else?) I'd say LGPL or BSD, without any funny clauses. With crypto code, we have taken the view that it should BSD 2 clause. The reason for this is that crypto code has enough other

using SMS challenge/response to secure web sites

2003-10-03 Thread Ian Grigg
Merchants who *really* rely on their web site being secure are those that take instructions for the delivery of value over them. It's a given that they have to work very hard to secure their websites, and it is instructive to watch their efforts. The cutting edge in making web sites secure is

Re: anonymous DH MITM

2003-10-03 Thread Ian Grigg
R. A. Hettinga wrote: At 2:16 PM -0700 10/2/03, bear wrote: That's not anonymity, that's pseudonymity. It seems to me that perfect pseudonymity *is* anonymity. Conventionally, I think, Anonymity is when one publishes a pamphlet of political criticism, and there is no name on the pamphlet.

threat modelling strategies

2003-10-03 Thread Ian Grigg
Arnold G. Reinhold wrote: At 11:50 PM -0400 10/1/03, Ian Grigg wrote: ... A threat must occur sufficiently in real use, and incur sufficient costs in excess of protecting against it, in order to be included in the threat model on its merits. I think that is an excellent summation

Re: Strong-Enough Pseudonymity as Functional Anonymity

2003-10-04 Thread Ian Grigg
Zooko O'Whielacronx wrote: I imagine it might be nice to have Goal B achievable in a certain setting where Goal A remains unachievable. In a strictly theoretical sense, isn't this essentially the job of the (perfect) TTP? At least that's the way many protocols seem to brush away the

Re: anonymous DH MITM

2003-10-06 Thread Ian Grigg
Taral wrote: On Mon, Oct 06, 2003 at 11:43:21AM -0400, Anton Stiglic wrote: You started by talking about anonymous communication, but ended up suggesting a scheme for pseudonymous communication. Anonymous != pseudonymous. Let us be clear on that! It is an important difference.

Re: Simple SSL/TLS - Some Questions

2003-10-06 Thread Ian Grigg
Jill Ramonsky wrote: First, the primary design goal is simple to use. This is the highest goal of all. If it is not simple to use, it misses out on a lot of opportunities. And missing out results in less crypto being deployed. If you have to choose between simple-but-incomplete, versus

Re: anonymity +- credentials

2003-10-06 Thread Ian Grigg
Anton Stiglic wrote: We need a practical system for anonymous/pseudonymous credentials. Can somebody tell us, what's the state of the art? What's currently deployed? What's on the drawing boards? The state of the art, AFAIK, is Chaum's credential system. The state of the art is

credit card threat model

2003-10-08 Thread Ian Grigg
Anne Lynn Wheeler wrote: what i said was that it was specifying a simplified SSL/TLS based on the business requirements for the primary use of SSL/TLS as opposed to a simplified SSL/TLS based on the existing technical specifications and existing implementations. I totally agree that

Re: anonymity +- credentials

2003-10-08 Thread Ian Grigg
Anton Stiglic wrote: - Original Message - From: Ian Grigg [EMAIL PROTECTED] [...] In terms of actual practical systems, ones that implement to Brands' level don't exist, as far as I know? There were however several projects that implemented and tested the credentials

Re: [dgc.chat] EU directive could spark patent war

2003-10-08 Thread Ian Grigg
Steve Schear wrote: [I wonder what if any effect this might have on crypto patents, e.g., Chaumian blinding?] My guess is, nix, nada. Patents are a red herring in the blinding skirmishes, they became a convenient excuse and a point to place the flag when rallying the troops. The battle was

Re: NCipher Takes Hardware Security To Network Level

2003-10-11 Thread Ian Grigg
Anton Stiglic wrote: - Original Message - From: Peter Gutmann [EMAIL PROTECTED] [...] The problem is that what we really need to be able to evaluate is how committed a vendor is to creating a truly secure product. [...] I agree 100% with what you said. Your 3 group

WYTM?

2003-10-13 Thread Ian Grigg
As many have decried in recent threads, it all comes down the WYTM - What's Your Threat Model. It's hard to come up with anything more important in crypto. It's the starting point for ... every- thing. This seems increasingly evident because we haven't successfully reverse-engineered the threat

Re: WYTM?

2003-10-13 Thread Ian Grigg
Minor errata: Eric Rescorla wrote: I totally agree that the systems are insecure (obligatory pitch for my Internet is Too Secure Already) http://www.rtfm.com/TooSecure.pdf, I found this link had moved to here; http://www.rtfm.com/TooSecure-usenix.pdf which makes some of the same

Re: WYTM?

2003-10-13 Thread Ian Grigg
Eric, thanks for your reply! My point is strictly limited to something approximating there was no threat model for SSL / secure browsing. And, as you say, you don't really disagree with that 100% :-) With that in mind, I think we agree on this: [9] I'd love to hear the inside scoop, but

Re: WYTM?

2003-10-15 Thread Ian Grigg
Eric Rescorla wrote: Ian Grigg [EMAIL PROTECTED] writes: I'm sorry, but, yes, I do find great difficulty in not dismissing it. Indeed being other than dismissive about it! Cryptography is a special product, it may appear to be working, but that isn't really good enough

Re: WYTM?

2003-10-15 Thread Ian Grigg
Tim Dierks wrote: At 12:28 AM 10/13/2003, Ian Grigg wrote: Problem is, it's also wrong. The end systems are not secure, and the comms in the middle is actually remarkably safe. I think this is an interesting, insightful analysis, but I also think it's drawing a stronger contrast between

Re: WYTM?

2003-10-16 Thread Ian Grigg
Jon Snader wrote: On Mon, Oct 13, 2003 at 06:49:30PM -0400, Ian Grigg wrote: Yet others say to be sure we are talking to the merchant. Sorry, that's not a good answer either because in my email box today there are about 10 different attacks on the secure sites that I care about

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Ian Grigg
Tom Otvos wrote: As far as I can glean, the general consensus in WYTM is that MITM attacks are very low (read: inconsequential) probability. Is this *really* true? The frequency of MITM attacks is very low, in the sense that there are few or no reported occurrences. This makes it a

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Ian Grigg
Tom Weinstein wrote: Ian Grigg wrote: Nobody doubts that it can occur, and that it *can* occur in practice. It is whether it *does* occur that is where the problem lies. This sort of statement bothers me. In threat analysis, you have to base your assessment on capabilities

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Ian Grigg
Perry E. Metzger wrote: Ian Grigg [EMAIL PROTECTED] writes: In threat analysis, you base your assessment on economics of what is reasonable to protect. It is perfectly valid to decline to protect against a possible threat, if the cost thereof is too high, as compared against

Re: SSL, client certs, and MITM (was WYTM?)

2003-11-12 Thread Ian Grigg
Tom Weinstein wrote: The economic view might be a reasonable view for an end-user to take, but it's not a good one for a protocol designer. The protocol designer doesn't have an economic model for how end-users will end up using the protocol, and it's dangerous to assume one. This is

Cryptophone locks out snoopers

2003-11-25 Thread Ian Grigg
(link is very slow:) http://theregister.co.uk/content/68/34096.html Cryptophone locks out snoopers By electricnews.net Posted: 20/11/2003 at 10:16 GMT A German firm has launched a GSM mobile phone that promises strong end-to-end encryption on calls, preventing the possibility of anybody

Re: Open Source Embedded SSL - (License and Memory)

2003-11-28 Thread Ian Grigg
J Harper wrote: 1) Not GPL or LPGL, please. I'm a fan of the GPL for most things, but for embedded software, especially in the security domain, it's a killer. I'm supposed to allow users to modify the software that runs on their secure token? And on a small platform where there

Ross Anderson's Trusted Computing FAQ

2003-12-20 Thread Ian Grigg
Ross Anderson's Trusted Computing FAQ has a lot to say about recent threads: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html iang - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

I don't know PAIN...

2003-12-20 Thread Ian Grigg
What is the source of the acronym PAIN? Lynn said: ... A security taxonomy, PAIN: * privacy (aka thinks like encryption) * authentication (origin) * integrity (contents) * non-repudiation I.e., its provenance? Google shows only a few hits, indicating it is not widespread. iang

Re: Difference between TCPA-Hardware and a smart card (was:example: secure computing kernel needed)

2003-12-22 Thread Ian Grigg
Anne Lynn Wheeler wrote: At issue in business continuity are business requirements for things like no single point of failure, offsite storage of backups, etc. The threat model is 1) data in business files can be one of its most valuable assets, 2) it can't afford to have unauthorized access

Re: Difference between TCPA-Hardware and other forms of trust

2003-12-22 Thread Ian Grigg
Bill Frantz wrote: [I always considered the biggest contribution from Mondex was the idea of deposit-only purses, which might reduce the incentive to rob late-night business.] This was more than just a side effect, it was also the genesis of the earliest successes with smart card money. The

Re: Difference between TCPA-Hardware and a smart card (was: example:secure computing kernel needed)

2003-12-22 Thread Ian Grigg
Bill Stewart wrote: At 09:38 AM 12/16/2003 -0500, Ian Grigg wrote: In the late nineties, the smart card world worked out that each smart card was so expensive, it would only work if the issuer could do multiple apps on each card. That is, if they could share the cost with different uses

Re: Ousourced Trust (was Re: Difference between TCPA-Hardware anda smart card and something else before

2003-12-23 Thread Ian Grigg
Ed Reed wrote: Ian Grigg [EMAIL PROTECTED] 12/20/2003 12:15:51 PM One of the (many) reasons that PKI failed is that businesses simply don't outsource trust. Of course they do. Examples: DB and other credit reporting agencies. SEC for fair reporting of financial results

Re: IP2Location.com Releases Database to Identify IP's Geography

2003-12-23 Thread Ian Grigg
Rich Salz wrote: The IP2Location(TM) database contains more than 2.5 million records for all IP addresses. It has over 95 percent matching accuracy at the country level. Available at only US$499 per year, the database is available via download with free twelve monthly updates. And

Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-26 Thread Ian Grigg
Amir Herzberg wrote: Ben, Carl and others, At 18:23 21/12/2003, Carl Ellison wrote: and it included non-repudiation which is an unachievable, nonsense concept. Any alternative definition or concept to cover what protocol designers usually refer to as non-repudiation

Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-28 Thread Ian Grigg
Carl Ellison wrote: From where I sit, it is better to term these as legal non-repudiability or cryptographic non-repudiability so as to reduce confusion. To me, repudiation is the action only of a human being (not of a key) and therefore there is no such thing as cryptographic

Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-28 Thread Ian Grigg
Ben Laurie wrote: Ian Grigg wrote: Carl and Ben have rubbished non-repudiation without defining what they mean, making it rather difficult to respond. I define it quite carefully in my paper, which I pointed to. Ah. I did read your paper, but deferred any comment on it, in part

CIA - the cryptographer's intelligent aid?

2003-12-28 Thread Ian Grigg
Richard Johnson wrote: On Sun, Dec 21, 2003 at 09:45:54AM -0700, Anne Lynn Wheeler wrote: note, however, when I did reference PAIN as (one possible) security taxonomy i tended to skip over the term non-repudiation and primarily made references to privacy, authentication, and

Repudiating non-repudiation

2003-12-28 Thread Ian Grigg
In response to Ed and Amir, I have to agree with Carl here and stress that the issue is not that the definition is bad or whatever, but the word is simply out of place. Repudiation is an act of a human being. So is the denial of that or any other act, to take a word from Ed's 1st definition.

Re: digsig - when a MAC or MD is good enough?

2004-01-03 Thread Ian Grigg
John Gilmore wrote: Sarbanes-Oxley Act in the US. Section 1102 of that act: Whoever corruptly-- (1) alters, destroys, mutilates, or conceals a record, document, or other object, or attempts to do so, with the intent to impair the object's integrity or

Re: [Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]

2004-01-09 Thread Ian Grigg
Ed Gerck wrote: Likewise, in a communication process, when repudiation of an act by a party is anticipated, some system security designers find it useful to define non-repudiation as a service that prevents the effective denial of an act. Thus, lawyers should not squirm when we feel the

All Internet voting is insecure: report

2004-04-01 Thread Ian Grigg
http://www.theregister.co.uk/content/6/35078.html http://www.eetimes.com/at/news/OEG20040123S0036 = All Internet voting is insecure: report By electricnews.net Posted: 23/01/2004 at 11:37 GMT Get The Reg wherever you are, with The Mobile Register

Re: Do Cryptographers burn?

2004-04-03 Thread Ian Grigg
Hadmut Danisch wrote: Hi, this is not a technical question, but a rather academic or abstract one: Do Cryptographers burn? Cryptography is a lot about math, information theory, proofs, etc. But there's a certain level where all this is too complicated and time-consuming to follow all those

Re: Firm invites experts to punch holes in ballot software

2004-04-07 Thread Ian Grigg
Trei, Peter wrote: Frankly, the whole online-verification step seems like an unneccesary complication. It seems to me that the requirement for after-the-vote verification (to prove your vote was counted) clashes rather directly with the requirement to protect voters from coercion (I can't prove

Re: Firm invites experts to punch holes in ballot software

2004-04-09 Thread Ian Grigg
Brian McGroarty wrote: On Wed, Apr 07, 2004 at 03:42:47PM -0400, Ian Grigg wrote: It seems to me that the requirement for after-the-vote verification (to prove your vote was counted) clashes rather directly with the requirement to protect voters from coercion (I can't prove I voted

Financial Cryptography Update: El Qaeda substitution ciphers

2004-04-19 Thread Ian Grigg
( Financial Cryptography Update: El Qaeda substitution ciphers ) April 19, 2004 http://www.financialcryptography.com/mt/archives/000119.html

Re: The future of security

2004-05-08 Thread Ian Grigg
Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good predictions on how

Re: Bank transfer via quantum crypto

2004-04-28 Thread Ian Grigg
Ivan Krstic wrote: I have to agree with Perry on this one: I simply can't see a compelling reason for the push currently being given to ridiculously overpriced implementations of what started off as a lab toy, and what offers - in all seriousness - almost no practical benefits over the proper

Mutual Funds - Timestamping

2004-05-25 Thread Ian Grigg
Original Message http://www.financialcryptography.com/mt/archives/000141.html In a rare arisal of a useful use of cryptography in real life, the mutual funds industry is looking to digital timestamping to

US intelligence exposed as student decodes Iraq memo

2004-05-25 Thread Ian Grigg
Original Message Subject: Financial Cryptography Update: US intelligence exposed as student decodes Iraq memo http://www.financialcryptography.com/mt/archives/000137.html 13 May 2004 DECLAN BUTLER

SSL secure browsing - attack tree Mindmap

2004-05-25 Thread Ian Grigg
Original Message Subject: Financial Cryptography Update: SSL secure browsing - attack tree Mindmap http://www.financialcryptography.com/mt/archives/000136.html Here is a /work in progress/ Mindmap on the

Re: The future of security

2004-05-26 Thread Ian Grigg
Ben Laurie wrote: Steven M. Bellovin wrote: The spammers are playing with other people's money, cycles, etc. They don't care. We took that into account in the paper. Perhaps you should read it? http://www.dtc.umn.edu/weis2004/clayton.pdf (Most of the people on this list are far too

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ian Grigg
Dave Howe wrote: Peter Gutmann wrote: It *is* happening, only it's now called STARTTLS (and if certain vendors (Micromumblemumble) didn't make it such a pain to set up certs for their MTAs but simply generated self-signed certs on install and turned it on by default, it'd be happening even

Re: Yahoo releases internet standard draft for using DNS as public key server

2004-06-01 Thread Ian Grigg
Dave Howe wrote: Ian Grigg wrote: Dave Howe wrote: TLS for SMTP is a nice, efficient way to encrypt the channel. However, it offers little or no assurance that your mail will *stay* encrypted all the way to the recipients. That's correct. But, the goal is not to secure email to the extent

threat modelling tool by Microsoft?

2004-06-09 Thread Ian Grigg
Has anyone tried out the threat modelling tool mentioned in the link below, or reviewed the book out this month: http://aeble.dyndns.org/blogs/Security/archives/000419.php The Threat Modeling Tool allows users to create threat model documents for applications. It organizes relevant data points,

Question on the state of the security industry

2004-06-30 Thread Ian Grigg
The phishing thing has now reached the mainstream, epidemic proportions that were feared and predicted in this list over the last year or two. Many of the solution providers are bailing in with ill- thought out tools, presumably in the hope of cashing in on a buying splurge, and hoping to turn

Re: authentication and authorization

2004-07-03 Thread Ian Grigg
Hi John, thanks for your reply! John Denker wrote: The object of phishing is to perpetrate so-called identity theft, so I must begin by objecting to that concept on two different grounds. 1) For starters, identity theft is a misnomer. My identity is my identity, and cannot be stolen. I think I'd

Re: Question on the state of the security industry

2004-07-04 Thread Ian Grigg
[EMAIL PROTECTED] wrote: I shared the gist of the question with a leader of the Anti-Phishing Working Group, Peter Cassidy. Thanks Dan, and thanks Peter, ... I think we have that situation. For the first time we are facing a real, difficult security problem. And the security experts have shot

Re: authentication and authorization

2004-07-07 Thread Ian Grigg
John Denker wrote: [identity theft v. phishing?] That's true but unhelpful. In a typical dictionary you will find that words such as Identity theft is a fairly well established definition / crime. Last I heard it was the number one complaint at the US FTC. Leaving that aside, the reason that

The Ricardian Contract - using mundane cryptography to achieve powerful governance

2004-07-08 Thread Ian Grigg
Original Message Subject: Financial Cryptography Update: The Ricardian Contract Date: Wed, 7 Jul 2004 11:17:46 +0100 From: [EMAIL PROTECTED] ( Financial Cryptography Update: The Ricardian Contract ) July 07, 2004

Re: EZ Pass and the fast lane ....

2004-07-09 Thread Ian Grigg
Date: Fri, 2 Jul 2004 21:34:20 -0400 From: Dave Emery [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: EZ Pass and the fast lane No mention is made of encryption or challenge response authentication but I guess that may or may not be part of the design (one would think it had better

Mark Shuttleworth On Open Source

2004-07-09 Thread Ian Grigg
Security Theatre: From the man who made hundreds of millions selling signatures on your keys: -- It is your data, why do you have to pay a licence fee for the application needed to access the data? -- Mark Shuttleworth http://www.tectonic.co.za/default.php?action=viewid=309topic=Open%20Source

Re: EZ Pass and the fast lane ....

2004-07-09 Thread Ian Grigg
John Gilmore wrote: It would be relatively easy to catch someone doing this - just cross-correlate with other information (address of home and work) and then photograph the car at the on-ramp. Am I missing something? It seems to me that EZ Pass spoofing should become as popular as cellphone

Re: EZ Pass and the fast lane ....

2004-07-10 Thread Ian Grigg
John Gilmore wrote: [By the way, [EMAIL PROTECTED] is being left out of this conversation, by his own configuration, because his site censors all emails from me. --gnu] Sourceforge was doing that to me today! Well, I am presuming that ... the EZ Pass does have an account number, right? And

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-11 Thread Ian Grigg
Florian Weimer wrote: There are simply too many of them, and not all of them implement checks for conflicts. I'm pretty sure I could legally register Metzdowd in Germany for say, restaurant service. This indeed is the crux of the weakness of the SSL/secure browsing/CA system. The concept called

Jabber does Simple Crypto - Yoo Hoo!

2004-07-12 Thread Ian Grigg
(( Financial Cryptography Update: Jabber does Simple Crypto - Yoo Hoo! )) July 12, 2004 http://www.financialcryptography.com/mt/archives/000176.html

New Attack on Secure Browsing

2004-07-15 Thread Ian Grigg
Financial Cryptography Update: New Attack on Secure Browsing ) July 15, 2004 http://www.financialcryptography.com/mt/archives/000179.html

Re: Humorous anti-SSL PR

2004-07-15 Thread Ian Grigg
J Harper wrote: This barely deserves mention, but is worth it for the humor: Information Security Expert says SSL (Secure Socket Layer) is Nothing More Than a Condom that Just Protects the Pipe http://www.prweb.com/releases/2004/7/prweb141248.htm I guess the intention was to provide more

Re: New Attack on Secure Browsing

2004-07-16 Thread Ian Grigg
Aram, It's now pretty clear that PGP had no clue what this was all about. Apologies to all, that was my mistake. Also, to clarify, there was no SSL involved. What we are looking at is a case of being able to put a padlock on the browser in a place that *could* be confused by a user. This is an

Re: New Attack on Secure Browsing

2004-07-16 Thread Ian Grigg
Anton Stiglic wrote: You stated that http://www.pgp.com is an SSL-protected page, but did you mean https://www.pgp.com? On my Powerbook, with all the browsers I get an error that the certificate is wrong and they end up at http://www.pgp.com. What I get is a bad certificate, and this is due to

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-17 Thread Ian Grigg
At 10:46 AM 7/10/2004, Florian Weimer wrote: But is it so harmful? How much money is lost in a typical phishing attack against a large US bank, or PayPal? (I mean direct losses due to partially rolled back transactions, not indirect losses because of bad press or customer feeling insecure.) I

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-18 Thread Ian Grigg
Eric Rescorla wrote: Ian Grigg [EMAIL PROTECTED] writes: Notwithstanding that, I would suggest that the money already lost is in excess of the amount paid out to Certificate Authorities for secure ecommerce certificates (somewhere around $100 million I guess) to date. As predicted, the CA-signed

Re: On `SSL considered harmful`, correct use of condoms and SSL abuse

2004-07-18 Thread Ian Grigg
Amir Herzberg wrote: (Amir, I replied to your other comments over on the Mozilla security forum, which is presumably where they will be more useful. That just leaves this:) So while `SSL is harmful` sounds sexy, I think it is misleading. Maybe `Stop SSL-Abuse!` Ha! I wondered when someone would

  1   2   >