On 01/11/12 20:01, Phillip Hallam-Baker wrote:
OK so some examples do exist. But really what proportion of real world
compromises do not involve something bone headed like using a 512 bit
key for DKIM signatures?
What I am saying here is not 'don't do CT', I am saying that we have to
make the ease of administration a high priority in the design.
I would say that "ease of administration" for server operators is one of
the main reasons why Ben is interested in getting CAs to participate! ;-)
On Thu, Nov 1, 2012 at 3:52 PM, Ben Laurie <b...@google.com
<mailto:b...@google.com>> wrote:
On 1 November 2012 18:38, Phillip Hallam-Baker <hal...@gmail.com
<mailto:hal...@gmail.com>> wrote:
> Again, does it appear so subtle after it has been discovered?
Well, I find I have to remind myself how it works. So ... yeah.
Also, I assumed Bliechanbacher was the exponent 3 thing, which was
also pretty subtle.
>
> Would the flaw have been discovered sooner if there was not so
much dead
> code?
I don't think dead code had any influence on either of these.
>
>
> On Thu, Nov 1, 2012 at 2:35 PM, Ben Laurie <b...@google.com
<mailto:b...@google.com>> wrote:
>>
>> On 1 November 2012 18:00, Stephen Farrell
<stephen.farr...@cs.tcd.ie <mailto:stephen.farr...@cs.tcd.ie>>
>> wrote:
>> >
>> >
>> > On 11/01/2012 05:22 PM, Phillip Hallam-Baker wrote:
>> >> Having worked in Web security over 20 years now, I have still
to see a
>> >> case
>> >> where a system was breached because of a really subtle design
flaw.
>> >
>> > Bleichenbacher?
>>
>> TLS renegotiation?
>>
>> >
>> > S.
>> > _______________________________________________
>> > therightkey mailing list
>> > therightkey@ietf.org <mailto:therightkey@ietf.org>
>> > https://www.ietf.org/mailman/listinfo/therightkey
>
>
>
>
> --
> Website: http://hallambaker.com/
>
--
Website: http://hallambaker.com/
_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com
COMODO CA Limited, Registered in England No. 04058690
Registered Office:
3rd Floor, 26 Office Village, Exchange Quay,
Trafford Road, Salford, Manchester M5 3EQ
This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
sender by replying to the e-mail containing this attachment. Replies to
this email may be monitored by COMODO for operational or business
reasons. Whilst every endeavour is taken to ensure that e-mails are free
from viruses, no liability can be accepted and the recipient is
requested to use their own virus checking software.
_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey