On another mailing list, someone posted an interesting question: how to
ascertain that a tamperproof device (e.g., a smartcard) contains no hidden
backdoors? By definition, anything open to inspection is not tamperproof. Of
course, one can ask the manufacturer to disclose the design, but there is
- Original Message -
From: Greg Broiles [EMAIL PROTECTED]
To: Enzo Michelangeli [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, June 25, 2001 1:32 AM
Subject: Re: crypto flaw in secure mail standards
[...]
The digital signature laws I've seen don't mention and don't support
- Original Message -
From: Theodore Tso [EMAIL PROTECTED]
To: John Gilmore [EMAIL PROTECTED]
Cc: Pawel Krawczyk [EMAIL PROTECTED]; Bram Cohen
[EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, September 20, 2001 5:17 AM
Subject: Re: chip-level randomness?
[...]
On
Or also their XML equivalents:
http://xml.coverpages.org/xml-spki.html
Enzo
- Original Message -
From: Paul Crowley [EMAIL PROTECTED]
To: Peter Gutmann [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, September 20, 2001
- Original Message -
From: Bill Stewart [EMAIL PROTECTED]
To: Conspiracy
Sent: Wednesday, October 03, 2001 12:41 AM
Subject: Re: Best practices/HOWTO for key storage in small office/home
office setting?
At 07:23 PM 10/02/2001 +0300, Sampo Syreeni wrote:
Or integrate some computing
On Mon, 29 October 2001, R. A. Hettinga wrote:
[...]
The key-logger, hidden inside a computer, secretly records everything a
suspect
types on it. The device lets authorities capture passwords to unscramble data
files in otherwise-unbreakable codes.
So what happens if the application gets
- Original Message -
From: Bram Cohen [EMAIL PROTECTED]
To: Nelson Minar [EMAIL PROTECTED]
Cc: Crypto List [EMAIL PROTECTED]
Sent: Wednesday, October 31, 2001 1:36 AM
Subject: Re: Yet more stego scare in the New York Times
[...]
hotmail/yahoo/hushmail/etc. accounts - these are used for
- Original Message -
From: Ray Dillinger [EMAIL PROTECTED]
To: Enzo Michelangeli [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; Ben Laurie [EMAIL PROTECTED];
[EMAIL PROTECTED]; Hadmut Danisch [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Thursday, September 27, 2001 12:06 AM
Subject: Re: [FYI] Did
On Mon, 24 Sep 2001 [EMAIL PROTECTED] wrote:
If it was so easy ... it wouldn't be a problem. An objective of the
original e-commerce deployments was that the account number file not be
co-located on the webserver. Since a large number of subsequent deployments
have co-located on the
- Original Message -
From: Richard Guy Briggs [EMAIL PROTECTED]
To: Enzo Michelangeli [EMAIL PROTECTED]
Cc: John R. Levine [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, December 04, 2001 6:18 PM
Subject: Re: VISA: All Your Password Are Belong to Us
[...]
So if I understand
- Original Message -
From: Richard Guy Briggs [EMAIL PROTECTED]
To: Enzo Michelangeli [EMAIL PROTECTED]
Cc: Richard Guy Briggs [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Tuesday, December 04, 2001 7:07 PM
Subject: Re: VISA: All Your Password Are Belong to Us
On Tue, Dec 04, 2001 at 04
- Original Message -
From: Eugene Leitl [EMAIL PROTECTED]
To: Hack Hawk [EMAIL PROTECTED]
Cc: Hadmut Danisch [EMAIL PROTECTED]; Digital Bearer Settlement List
[EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, 06 January, 2002 7:41 PM
On Fri, 4 Jan 2002, Hack Hawk
- Original Message -
From: Eric Rescorla [EMAIL PROTECTED]
To: Eugene Leitl [EMAIL PROTECTED]
Sent: Monday, 28 January, 2002 6:33 AM
[...]
If you want to see EC used you need to describe a specific algorithm
which has the following three properties:
(1) widely agreed to be
From: Derek Atkins [EMAIL PROTECTED]
Actually, this was chosen only to protect signalling, not the
actual VoIP data. If you read the spec carefully you will notice
that the RTP stream is NOT using IPsec for data protection.
Yup, right. Thanks also to Joseph Tardo, who pointed out that the
- Original Message -
From: Lucky Green [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, 24 March, 2002 9:38 AM
Subject: 1024-bit RSA keys in danger of compromise
[...]
In light of the above, I reluctantly revoked all my personal 1024-bit
PGP keys and the large web-of-trust that
Further to Lucky's comments: in the last few days I have discussed keysize
issues with a few people on a couple of mailing lists, and I have
encountered a hostility to large keysizes of which, frankly, I don't
understand the reasons. On the client side at least, performance is not an
issue: PGP
Status: U
From: Lucky Green [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Government subsidies: our last, best hope for Cryptanarchy?
Date: Fri, 24 May 2002 01:44:53 -0700
Sender: [EMAIL PROTECTED]
[...]
The same Cypherpunk expressed a hope that absent NAI's PGP, the German
- Original Message -
From: Lucky Green [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Sunday, July 14, 2002 11:55 AM
Subject: RE: IP: SSL Certificate Monopoly Bears Financial Fruit
The cert shows that it's issued by Equifax, however.
The cert shows as being issued
- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, July 23, 2002 1:59 PM
Subject: Re: building a true RNG (was: Quantum Computing ...)
You cannot measure entropy retrospectively. You need to have a
theory as to where the entropy is
19 matches
Mail list logo