Re: An attack on paypal

2003-06-12 Thread Nomen Nescio
Steven M. Bellovin wrote: Let me point folk at for a related issue. To put it very briefly, *real* authentication is hard. It may be that real authentication is hard, but the unbelievably sloppy practices of domain name registrars doesn't prove the case.

Re: pubkeys for p and g

2003-06-27 Thread Nomen Nescio
martin f krafft writes: My point was that some commercial vendors (Check Point and others) claim, that if two partners want to perform a DH key exchange, they may use their two public keys for g and p. This, in effect, would mean that g and p were not globally known, but that the public keys