On Wed, Aug 25, 2004 at 03:17:15PM +0100, Ben Laurie wrote:
lrk wrote:
My examination of RSAREF and OpenSSL code was more toward understanding how
they handled big numbers. It appears both generate prime numbers which are
half the length of the required N and with both of the two most
lrk wrote:
On Thu, Aug 12, 2004 at 03:27:07PM -0700, Jon Callas wrote:
On 10 Aug 2004, at 5:16 AM, John Kelsey wrote:
So, how many people on this list have actually looked at the PGP key
generation code in any depth? Open source makes it possible for
people to look for security holes, but it
On Thu, Aug 12, 2004 at 03:27:07PM -0700, Jon Callas wrote:
On 10 Aug 2004, at 5:16 AM, John Kelsey wrote:
So, how many people on this list have actually looked at the PGP key
generation code in any depth? Open source makes it possible for
people to look for security holes, but it sure
From: lrk [EMAIL PROTECTED]
Sent: Aug 6, 2004 1:04 PM
To: R. A. Hettinga [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Cryptography and the Open Source Security Debate
...
More dangerous is a key generator which deliberately produces keys which
are easy to factor by someone knowing
There doesn't appear to be a discussion forum related to the Web post, so
I'll reply here.
We've gone through a similar thought process at my company. We have a
commercial security product (MatrixSSL), but provide an open source version
for many of the good points Daniel makes. There are a few
