On Tue, Feb 24, 2009 at 03:06:21PM -0500, Perry E. Metzger wrote:
If you expect to be presenting things at that level of detail to
developers, you're going to lose.
Agreed on this end. However, these are web security people, not mere
web developers. They are very sharp on complicated issues
Hello all,
I'm working on a presentation about cryptography to give to the Open
Web Application Security Project (OWASP). The reason why I'm giving
it is that I've seen web developers doing crypto a lot lately, and
they seem to be making some naive mistakes, like using ECB mode for
multi-block
Travis travis+ml-cryptogra...@subspacefield.org writes:
I'm working on a presentation about cryptography to give to the Open
Web Application Security Project (OWASP).
[...]
In addition, I'm curious about:
Which hashes are currently vulnerable to length-extension attacks. If
I recall Bruce