n.
-J
[1] One exception would be the subset of mail roughly corresponding to
security advisories. There OpenPGP signatures are the norm.
[2] Airport "security" anyone?
--
Jeroen C. van Gelderen - [EMAIL PROTECTED]
A single glass of beer was passed, from which I was the last
on
in a
specific way...
It might get you from per-session protection to across-all-session
protection. But it can never protect against injecting two messages
with identical meaning (replay) into the SSL layer twice.
-J
--
Jeroen C. van Gelderen - [EMAIL PROTECTED]
War prosperity is like the prosperit
anism. Worse, the integrity
protection didn't even work in TLS 1.0: "TLS v1.0 also provides an
optional MAC which failed to thwart the attack..." [Vau02a].
[Vau02a]
http://lasecwww.epfl.ch/php_code/publications/search.php?ref=Vau02a
-J
--
Jeroen C. van Gelderen - [EMAIL PROTECTED
On Saturday, Sep 27, 2003, at 11:12 US/Eastern,
[EMAIL PROTECTED] wrote:
On Fri, 26 Sep 2003, Bill Frantz wrote:
The real problem is that the viewer software, whether it is an
editor, PDF
viewer, or a computer language interpreter, runs with ALL the user's
privileges. If we ran these programs
On Saturday, Sep 27, 2003, at 15:48 US/Eastern,
[EMAIL PROTECTED] wrote:
On Sat, 27 Sep 2003, Jeroen C.van Gelderen wrote:
I continue to believe that few users would grant an email message
access to both the Internet and the Address Book when they are asked
those two questions, provided that the
On Saturday, Sep 27, 2003, at 20:31 US/Eastern, Zooko wrote:
"Jeroen C. van Gelderen" <[EMAIL PROTECTED]> wrote:
There is no way around asking the user because he is the ultimate
authority when it comes to making trust decisions. (Side-stepping the
issues in a (corporate) envir
On Sunday, Oct 5, 2003, at 11:03 US/Eastern, Jonathan S. Shapiro wrote:
Peter:
I agree that ASN.1 is statically checkable, and that this is an
important property.
However, ASN.1 is notoriously hard to parse, which leads to errors.
I take it you a saying that ASN.1 syntax is hard to parse? Having
On Thursday, Oct 2, 2003, at 17:50 US/Eastern, Bill Frantz wrote:
From:
-- Security Alert Consensus --
Number 039 (03.39)
Thursday, October 2, 2003
Network Computing and the SANS Institute
Powered by Neohapsis
On Dec 6, 2003, at 3:26, Jeremiah Rogers wrote:
I'm having trouble pinpointing the origin of the initial hash values
for SHA 224 and, for that matter, 128. These values are defined as hex
representations of cube roots of primes for sha-1 of lengths 256, 384
and 512, but I can't find where they
I didn't see anything on this list, but apparently RSA-576 has been
factored:
http://mathworld.wolfram.com/news/2003-12-05/rsa/
-JC
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PR
10 matches
Mail list logo
