Kaspersky Lab announces the launch of Stop Gpcode, an international
initiative against the blackmailer virus
http://www.kaspersky.com/news?id=207575651
If Kaspersky has made the analyze, and breaking a 1024 bit key is
reasonnably within reach of a distributed effort, that means nobody
should
Kaspersky still now not able to break 1024 bit key, they highest bit size
they claimed to break is 660.
samrat
On Wed, Jun 11, 2008 at 2:01 PM, Jean-Marc Desperrier [EMAIL PROTECTED]
wrote:
Kaspersky Lab announces the launch of Stop Gpcode, an international
initiative against the blackmailer
Michael Ströder wrote:
Eddy Nigg (StartCom Ltd.) wrote:
I could produce millions of keys in my free time and post them to some
web site...I could tell you now that those are all compromised keys
and all CAs should now scan their subscribers keys against the ones I
posted. Should it find one,
Jean-Marc Desperrier:
Kaspersky Lab announces the launch of Stop Gpcode, an international
initiative against the blackmailer virus
http://www.kaspersky.com/news?id=207575651
If Kaspersky has made the analyze, and breaking a 1024 bit key is
reasonnably within reach of a distributed effort, that
Eddy Nigg (StartCom Ltd.) wrote:
[...]
However more interesting is this reference:
No, that is not more interesting. It's been known for a year or two that
keys around 600 bits were broken, and it was therefore already quite
obvious that 768 wasn't safe today.
But *only* 15000 computers and
Jean-Marc Desperrier wrote:
Kaspersky Lab announces the launch of Stop Gpcode, an international
initiative against the blackmailer virus
http://www.kaspersky.com/news?id=207575651
That seems pointless to me. If they crack it after a few months, the
virus author will just generate a new key
Robert Relyea wrote:
1) work with CA's, in their existing infrastructures to get those certs
revoked.
2) include that list of keys in the browser itself to detect this
compromise.
3) build a parallel revocation scheme to phone home to mozilla (a.la.
anti-phishing) to identify sites with
Eddy Nigg (StartCom Ltd.) wrote:
Jean-Marc Desperrier:
Eddy Nigg (StartCom Ltd.) wrote:
[...]
However more interesting is this reference:
No, that is not more interesting. It's been known for a year or two that
keys around 600 bits were broken, and it was therefore already quite
obvious
Jean-Marc Desperrier:
Well I don't know why neither you nor Paul found it, maybe because you
searched for exactly 650 bits, it should take only seconds to find
references to the factorisation of RSA-640 and of RSA-200 (a 200 digits
number that is in fact 663 bits long).
Gervase Markham wrote:
[...]
If we see
cooperation from CA's in quickly revoking those certs which are
vulnerable, that would be enough to convince mozilla the right way to
solve the problem is to depend on option 1 and fix revocation in the
existing browsers.
This is an opportunity to
Hi guys,
I'm looking for some guidance on how to import and remove .p12 user
certificates in the firefox user cert store. I would imagine
everything I need to accomplish this would be in the JSS PKCS12
library. Can anyone give me some details on how to go about doing
this? I just want to keep
At 3:01 PM +0200 6/11/08, Jean-Marc Desperrier wrote:
I might have reacted a bit too strongly on this news.
+1
At 2:56 PM +0200 6/11/08, Jean-Marc Desperrier wrote:
Also I'd need to search for more reference, but I've been reading that
the factorisation of the 2^1039-1 Mersenne number
Paul Hoffman wrote:
Note, however, that
they seem to be about the only group who is publishing any results from
their efforts. That could either mean they are the only group working on
it, or that other groups working on it are not getting publishable results.
Or 3. that other groups
We've actually had a discussion on this topic very recently. My
understanding of what we've learned from that discussion (feel free to
chime in if I'm not understanding properly):
1) The NIST (a US organization) states that after December 31, 2010,
nobody should be using 1024-bit RSA keys to
Just want to ask before opening a new bug: Upon visiting a newly
generated server certificate, the OCSP server wasn't ready and/or the
certificate chain wasn't complete. Ever since, I can't access this site
and receive sec_error_untrusted_cert. Even when using a different sub
domain (it's a
If it's a persistent error in the profile, a bug needs to be filed
anyway. I have not yet seen this behavior.
-Kyle H
2008/6/11 Eddy Nigg (StartCom Ltd.) [EMAIL PROTECTED]:
Just want to ask before opening a new bug: Upon visiting a newly generated
server certificate, the OCSP server wasn't
16 matches
Mail list logo
