Re: AES-256 vs. AES-128

Other recommended reading when discussing this: https://crypto.stackexchange.com/questions/5118/is-aes-256-weaker-than-192-and-128-bit-versions https://www.schneier.com/blog/archives/2009/07/another_new_aes.html

Re: Proposal: Disable SSLv3 in Firefox ESR 31

On Tue, 21 Oct 2014 01:40:45 +0200 Kai Engert k...@kuix.de wrote: On Thu, 2014-10-16 at 20:51 +0200, Kai Engert wrote: Do you claim that Firefox 34 will continue to fall back to SSL 3 when necessary? Yes. If I understand correctly, it seems that Firefox indeed still falls back to SSL3,

Re: Proposal: Disable SSLv3 in Firefox ESR 31

On Thu, 16 Oct 2014 20:27:24 +0200 Florian Weimer f...@deneb.enyo.de wrote: * Richard Barnes: If there are any objections or comments on that proposal, please raise them in this thread. A lot of this has already been hashed out on the IETF TLS WG mailing list, with a slightly different

Re: Memory leak fixes

://bugzilla.mozilla.org/ -- Reed Loden - r...@reedloden.com -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: Improper SSL certificate issuing by CAs

://bugzilla.mozilla.org/show_bug.cgi?id=556468 for (any) investigation tracking. ~reed -- Reed Loden - r...@reedloden.com -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto

Fw: [oss-security] Using NSS (Netscape Security Services) in setuid programs

uses NSS to establish a TLS connection for authentication purposes, this allows a local attacker to enable features which make it easier to impersonate the authentication server. I couldn't find any programs which might suffer from such a problem, though. -- Reed Loden - r...@reedloden.com

Re: Must take down the news/mail gateway until spam abates

a stop-gap) to this very annoying problem, as we know it affects the ability to just get work done. Thanks for your patience in this matter. ~reed, wearing my Mozilla SysAdmin hat -- Reed Loden - r...@reedloden.com -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https

Re: Must take down the news/mail gateway until spam abates

On Tue, 24 Feb 2009 05:22:35 -0600 Reed Loden r...@reedloden.com wrote: I've filed https://bugzilla.mozilla.org/show_bug.cgi?id=479949 to track this issue, ... Apparently, I didn't notice https://bugzilla.mozilla.org/show_bug.cgi?id=425122 when filing, so I've duped the above bug to bug

Re: OT: mozilla.org domain ownership

for *.mozilla.org? The O= is currently Mozilla Corporation, rather than Mozilla Foundation. ~reed -- Reed Loden - r...@reedloden.com ___ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: [Fwd: Follow-Up on www.verisign.com SSL Order]

On Sun, 28 Dec 2008 22:13:53 +0200 Eddy Nigg eddy_n...@startcom.org wrote: On 12/28/2008 09:45 PM, Reed Loden: You can use any e-mail address as a Google Account, so yes, I really think so. Patricia's reply confirms this, too. Reed, Servage is a hosting company, their MX record isn't

Re: [Fwd: Follow-Up on www.verisign.com SSL Order]

Groups, and I bet her google account is the address used in the post to which you're referring. She probably just forgot to change it to her work address before sending. I wouldn't fault her or her company for this mistake in any way. ~reed -- Reed Loden r...@reedloden.com