RE: FreeSWAN Release 1.93 ships!

2001-12-09 Thread Lucky Green
The big question is: will FreeS/WAN latest release after some 4 or 5 years of development finally both compile and install cleanly on current versions of Red Hat Linux, FreeS/WAN's purported target platform? --Lucky, who is bothered by the fact that most his Linux using friends so far have been

FW: FreeSWAN Release 1.93 ships!

2001-12-10 Thread Lucky Green
PROTECTED] Subject: RE: FreeSWAN Release 1.93 ships! On Sunday 09 December 2001 07:32 pm, Lucky Green [EMAIL PROTECTED] wrote: The big question is: will FreeS/WAN latest release after some 4 or 5 years of development finally both compile and install cleanly on current versions of Red Hat

Re: PGP GPG compatibility

2002-02-09 Thread Lucky Green
-of-the-box by the overwhelming majority of deployed MUA's in the world. -- Lucky Green [EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Cringely Gives KnowNow Some Unbelievable Free Press... (fwd)

2002-02-27 Thread Lucky Green
Philip, If we can at all fit it into the schedule, IFCA will attempt to offer a colloquium on this topic at FC. Based on the countless calls inquiring about this issue that I received just in the last few days, the customers of financial cryptography are quite concerned about the Bernstein paper,

1024-bit RSA keys in danger of compromise

2002-03-24 Thread Lucky Green
reluctantly revoked all my personal 1024-bit PGP keys and the large web-of-trust that these keys have acquired over time. The keys should be considered compromised. The revoked keys and my new keys are attached below. --Lucky Green -BEGIN PGP PUBLIC KEY BLOCK- Version: PGP 7.1 Comment: Problems

PGP key server changes [was: RE: 1024-bit RSA keys in danger of compromise]

2002-03-29 Thread Lucky Green
Enzo wrote: Hmmm... I see that the new 4096-bit super-duper key, besides its own (which doesn't prove much), only bears the signatures of the now revoked -as potentially compromised- old keys 0x375AD924 and 0xEEE8CFF3, plus 0x06757D2D (which turns out to be a 1024-bit DSA key) and

Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

2002-04-23 Thread Lucky Green
Anonymous wrote (quoting Adam): Adam Back wrote: The mocking tone of recent posts about Lucky's call seems quite misplaced given the checkered bias and questionable authority of the above conflicting claims we've seen quoted. No, Lucky made a few big mistakes. First, he invoked Ian

RE: Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

2002-04-25 Thread Lucky Green
Enzo wrote: Further to Lucky's comments: in the last few days I have discussed keysize issues with a few people on a couple of mailing lists, and I have encountered a hostility to large keysizes of which, frankly, I don't understand the reasons. On the client side at least, performance

RE: DOJ proposes US data-rentention law.

2002-06-21 Thread Lucky Green
ji wrote: Under this proposed law, will ISPs have to scan *all* SMTP traffic and record the envelope, or only the traffic for which they actually do SMTP forwarding? If the latter is the case, we can simply go back to the original end-to-end SMTP delivery model; no POP/IMAP or any of

RE: Shortcut digital signature verification failure

2002-06-21 Thread Lucky Green
Bill wrote: I have been thinking about how to limit denial of service attacks on a server which will have to verify signatures on certain transactions. It seems that an attacker can just send random (or even not so random) data for the signature and force the server to perform extensive

Secure mail relays [was:RE: DOJ proposes US data-rentention law. ]

2002-06-22 Thread Lucky Green
John wrote quoting Lucky: Locate the button in your MUA that's labeled Use secure connection or something to that effect, search the docs for your MTA for the words STARTTLS, relaying, and potentially SASL, don't use your ISP's smtp server, encourage those that you are

Ross's TCPA paper

2002-06-22 Thread Lucky Green
scenarios is the fact the case. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

RE: Ross's TCPA paper

2002-06-23 Thread Lucky Green
folks in the field. Sure, I know some that could overcome it, but they may not be willing to do the time for what by then will be a crime. Come to think of it, doing so already is a crime. --Lucky Green - The Cryptography Mailing

RE: Ross's TCPA paper

2002-06-23 Thread Lucky Green
Anonymous writes: Lucky Green writes regarding Ross Anderson's paper at: Ross and Lucky should justify their claims to the community in general and to the members of the TCPA in particular. If you're going to make accusations, you are obliged to offer evidence. Is the TCPA really

Two additional TCPA/Palladium plays

2002-06-27 Thread Lucky Green
, or the public key of the person who licensed the application. (Other ways to exist but are omitted in the interest of brevity). --Lucky Green - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

RE: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design

2002-06-27 Thread Lucky Green
Bob wrote quoting Mark Hachman: The whitepaper can not be considered a roadmap to the design of a Palladium-enabled PC, although it is one practical solution. The whitepaper was written at around the time the Trusted Computing Platform Association (TCPA) was formed in the fall of 2000;

RE: DRMs vs internet privacy (Re: Ross's TCPA paper)

2002-06-27 Thread Lucky Green
much the intent of the TCPA to permit the use of pseudonymous credentials for many, if not most, applications. Otherwise, the TCPA's carefully planned attempts at winning over the online liberty groups would have been doomed from the start. --Lucky Green

RE: Ross's TCPA paper

2002-06-27 Thread Lucky Green
this mean that one should ignore the benefits that TCPA might bring? Of course not. But it does mean that one should carefully weigh the benefits against the risks. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending

RE: Wild and Crazy: Interview with Palladium's Mario Juarez

2002-07-05 Thread Lucky Green
encryption keys to the new TPM. I am not aware of any such plans for non-user generated data, such as purchased entertainment content, but then requiring the user to repurchase such data when changing motherboards is not incompatible with the content providers' business models. --Lucky Green

TPM cost constraint [was: RE: Revenge of the WAVEoid]

2002-07-10 Thread Lucky Green
Bill wrote: At 10:07 PM 06/26/2002 -0700, Lucky Green wrote: An EMBASSY-like CPU security co-processor would have seriously blown the part cost design constraint on the TPM by an order of magnitude or two. Compared to the cost of rewriting Windows to have a infrastructure that can

RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Lucky Green
James wrote: On 11 Jul 2002 at 1:22, Lucky Green wrote: Trusted roots have long been bought and sold on the secondary market as any other commodity. For surprisingly low amounts, you too can own a trusted root that comes pre-installed in 95% of all web browsers deployed. How

RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-14 Thread Lucky Green
). --Lucky Green - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-15 Thread Lucky Green
Enzo wrote quoting Lucky: The cert shows as being issued by Equifax because Geotrust purchased Equifax's root embedded in major browsers since MSIE 5 on the secondary market. (Geotrust purchased more than just the root). This raises an interesting legal issue. Should any loss from

Utilizing Palladium against software piracy

2002-08-08 Thread Lucky Green
- an application for an US Patent covering numerous methods by which software applications can be protected against software piracy on a platform offering the features that are slated to be provided by Palladium. --Lucky Green

RE: Challenge to TCPA/Palladium detractors

2002-08-09 Thread Lucky Green
compiler version so-and-so and compile with that, and your object will match the hash my app looks for. DEI The above view may be overly optimistic. IIRC, nobody outside PGP was ever able to compile a PGP binary from source that matched the hash of the binaries built by PGP. --Lucky Green

RE: RSA's RC5-64 Secret Key Challenge has been solved.

2002-09-27 Thread Lucky Green
as to the legality of performing this research in the U.S. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

RE: PGPfreeware 8.0: Not so good news for crypto newcomers

2002-12-10 Thread Lucky Green
Nicko wrote: I think this comes down to a classic time/money tradeoff. PGP 8.0 Personal edition is currently priced at $39. Even as an experienced Unix and PGP user I think that the GUI on PGP 8.0 will save me an hour of effort over the lifetime of the product, which means it

RE: EU Privacy Authorities Seek Changes in Microsoft 'Passport'

2003-01-28 Thread Lucky Green
Rich Salz wrote: Liberty is architected to be federated, unlike Passport. The Liberty Alliance was stillborn to begin with. Not that it made any practical difference, but the Liberty Alliance received an additional bullet through the head the day that RSA Security, a key participant in the

RE: Columbia crypto box

2003-02-08 Thread Lucky Green
time recount the tale of my discussing key management with the chief-cryptographer for a battlefield communication system considerably younger than the shuttle fleet. Appalling does not being to describe it]. --Lucky Green

RE: Microsoft: Palladium will not limit what you can run

2003-03-15 Thread Lucky Green
AARG!, having burned the nym with the moderator of this list and who is therefore now posting via the Hermes remailer commented on Microsoft, which similarly burned the Palladium name, claims: Hopefully this will shed light on the frequent claims that Palladium will limit what programs people

Re: Russia Intercepts US Military Communications?

2003-03-31 Thread Lucky Green
were very active participants in both the Cypherpunks mailing list and Cypherpunks meetings. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]