Re: [cryptography] cryptographic agility

2013-10-05 Thread Patrick Pelletier
On 10/4/13 9:48 PM, Jeffrey Goldberg wrote: The AES “failure” in TLS is a CBC padding failure. Any block cipher would have “failed” in exactly the same way. Yes, I know. My second point, about needing a stream cipher other than RC4, is what's applicable to the current BEAST vs RC4 dilemma.

Re: [cryptography] cryptographic agility (was: Re: the spell is broken)

2013-10-05 Thread Nico Williams
On Fri, Oct 4, 2013 at 11:48 PM, Jeffrey Goldberg jeff...@goldmark.org wrote: On 2013-10-04, at 10:46 PM, Patrick Pelletier c...@funwithsoftware.org wrote: On 10/4/13 3:19 PM, Nico Williams wrote: b) algorithm agility is useless if you don't have algorithms to choose from, or if the ones

[cryptography] Daniel the King. Jon the President. Linus the God?

2013-10-05 Thread ianG
On 4/10/13 01:39 AM, James A. Donald wrote: On 2013-10-04 03:45, Adam Back wrote: Is it just me or could we better replace NIST by DJB? ;) He can do that EC crypto, and do constant time coding (nacl), and non-hackable mail servers (qmail), and worst-time databases (cdb). Most people in the

Re: [cryptography] Daniel the King. Jon the President. Linus the God?

2013-10-05 Thread grarpamp
On Sat, Oct 5, 2013 at 4:21 AM, ianG i...@iang.org wrote: Long Live Competition! There should be no King to serve, no Committee to subvert, only an open Process. ___ cryptography mailing list cryptography@randombit.net

Re: [cryptography] the spell is broken

2013-10-05 Thread Alan Braggins
On 04/10/13 22:58, Jeffrey Goldberg wrote: On 2013-10-04, at 4:24 AM, Alan Braggins alan.bragg...@gmail.com wrote: Surely that's precisely because they (and SSL/TLS generally) _don't_ have a One True Suite, they have a pick a suite, any suite approach? And for those of us having to choose

Re: [cryptography] the spell is broken

2013-10-05 Thread ianG
On 4/10/13 10:52 AM, Peter Gutmann wrote: Jon Callas j...@callas.org writes: In Silent Text, we went far more to the one true ciphersuite philosophy. I think that Iang's writings on that are brilliant. Absolutely. The one downside is that you then need to decide what the OTS is going to be.

[cryptography] ciphersuite revocation model? (Re: the spell is broken)

2013-10-05 Thread Adam Back
You know part of this problem is the inability to disable dud ciphersuites. Maybe it's time to get pre-emptive on that issue: pair a protocol revocation cert with a new ciphersuite. I am reminded of the Mondex security model: it was an offline respendable smart-card based ecash system in the UK, with

Re: [cryptography] ciphersuite revocation model? (Re: the spell is broken)

2013-10-05 Thread Natanael
Should we create some kind of CRL style protocol for algorithms? Then we'd have a bunch of servers run by various organizations specialized in crypto/computer security that can issue warnings against insecure algorithms, as well as cipher modes and combinations of ciphers and whatever else it

Re: [cryptography] ciphersuite revocation model? (Re: the spell is broken)

2013-10-05 Thread Peter Todd
On Sat, Oct 05, 2013 at 02:29:11PM +0200, Natanael wrote: Should we create some kind of CRL style protocol for algorithms? Then we'd have a bunch of servers run by various organizations specialized in crypto/computer security that can issue warnings against insecure algorithms, as well as

Re: [cryptography] Daniel the King. Jon the President. Linus the God?

2013-10-05 Thread dan
As we're down a rat hole now, perhaps this can be the last word: We reject: kings, presidents and voting. We believe in: rough consensus and running code. -- David Clark

Re: [cryptography] Daniel the King. Jon the President. Linus the God?

2013-10-05 Thread James A. Donald
On 2013-10-06 02:52, d...@geer.org wrote: We reject: kings, presidents and voting. We believe in: rough consensus and running code. Which gave us IEEE 802.11. Which, like Occupy Wall Street, worked by consensus.

Re: [cryptography] the spell is broken

2013-10-05 Thread Jeffrey Walton
On Sat, Oct 5, 2013 at 3:13 PM, Erwann Abalea eaba...@gmail.com wrote: 2013/10/4 Paul Wouters p...@cypherpunks.ca [...] People forget the NSA has two faces. One side is good. NIST and FIPS and NSA are all related. One lesson here might be, only use FIPS when the USG requires it. That said,

[cryptography] Curve25519 OID (was: Re: the spell is broken)

2013-10-05 Thread Patrick Pelletier
On 10/5/13 2:47 PM, Jeffrey Walton wrote: Do you know if there's a standard name and OID assigned to Dr. Bernstein's gear? IETF only makes one mention of 25519 in the RFC search, and it's related to TLS and marked TBD. Not yet. See this thread:

Re: [cryptography] Curve25519 OID (was: Re: the spell is broken)

2013-10-05 Thread Jeffrey Walton
On Sat, Oct 5, 2013 at 7:35 PM, Patrick Pelletier c...@funwithsoftware.org wrote: On 10/5/13 2:47 PM, Jeffrey Walton wrote: Do you know if there's a standard name and OID assigned to Dr. Bernstein's gear? IETF only makes one mention of 25519 in the RFC search, and it's related to TLS and

Re: [cryptography] Allergy for client certificates

2013-10-05 Thread ianG
On 30/09/13 19:55 PM, Guido Witmond wrote: On 09/30/13 17:43, Adam Back wrote: Anyway and all that because we are seemingly allergic to using client side keys which kill the password problem dead. Hi Adam, I wondered about that 'allergy' myself. I have some ideas about that and I'm curious