-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Steven M. Bellovin
Sent: 03 May 2008 00:51
To: Arcane Jill
Cc: cryptography@metzdowd.com
Subject: Re: SSL and Malicious Hardware/Software
I can't think of a great way of alerting the user,
I would
to jump through hoops would be a good start.
Arcane Jill
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Hi,
It's possible I may be reinventing the wheel here, so my apologies if
that's so, but it occurs to me that there's a defence against an offline
dictionary attack on an encrypted file. Here's what I mean: Say you have
a file, and you want to keep it secret. What do you do? Obviously you
Okay, okay. I've got the message. I give in.
The toolkit will be distributed with the most generous, most liberal
license possible. This means that (basically) anyone can do pretty much
anything with it, including release binaries compiled with it.
I'm happy with this decision. It means that