Re: Oh for a decently encrypted mobile phone...
On Mon, 18 Sep 2000 [EMAIL PROTECTED] wrote: yet connect to normal analog lines. No reasons why the security couldn't be end-to-end. Lots of reasons. The base unit of those phones has a D-A converter, and talks to the analog network. The digital part is only for the over-the-air connection. With Phase 2+ GSM and UMTS we will have tandem free operation - here it should theoretically be possible to do e2e security. The same goes for GPRS/HSCSD - no essential reason why we couldn't build the voice service on top of a data one, if retransmits can be suppressed and we use a newer codec to fit the bits in the pipe. Sampo Syreeni [EMAIL PROTECTED], aka decoy, student/math/Helsinki university
Net security leader nCipher heads for float
--- begin forwarded text From: Somebody To: "Bob Hettinga" [EMAIL PROTECTED] Subject: Net security leader nCipher heads for float Date: Wed, 20 Sep 2000 10:48:09 +0100 Net security leader nCipher heads for float by NICK GOODWAY Cambridge-based nCipher, one of Britain's leading internet security companies, is to float on the stock market with an expected value of around £250 million. Best known for its security hardware, which is dipped in epoxy plastic to prevent it being tampered with, nCipher's blue-chip client list includes Barclays, Abbey National and Pricewaterhouse-Coopers in this country and the US Navy, Fidelity Brokerage and Microsoft's Hotmail overseas. The company was founded in 1996 by brothers Alex and Nicko van Someren and its hardware and software protection products include nForce, nShield and KeySafe. Currently loss-making, it saw revenues more than double in the first half of this year to £5.5 million. Ahead of its flotation nCipher has appointed Jamie Urquhart, chief operating officer of high-flying chip designer and near neighbour ARM, as a non-executive director. Venture capitalists 3i, Newbury Ventures, Celtic House and France's Viventures all have significant stakes. The founding brothers own 12% between them while other staff and employees own 15%. Chief executive Alex van Someren said: 'The float will give us the ability to move on to our next phase of development.' Sponsor Deutsche Bank is expected to issue a pathfinder prospectus shortly with flotation likely in the next month or so. © Associated Newspapers Ltd., 20 September 2000 --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Washington RSA patent expiration party TONIGHT
We may not be sponsored by a half-dozen dot coms, but we're going to have even more fun. :) If you're in the DC area, join us to toast the official end of the patent at midnight tonight. --Declan Peter Wayner and Declan McCullagh present The End of Patent 4,405,829 Party Wednesday, September 20, 2000 7 pm 'til the official end at midnight in Adams Morgan, Washington, DC Why: Some say that US Patent 4,405,829 suppressed a wonderful technology by giving one company a monopoly on an algorithm. Others say that the patent ensured that there was sufficient financial backing that helped develop the technology. RSA did use its legal rights under the patent to pressure Phil Zimmermann when he developed PGP. In any case, the debate is now over. Come celebrate the algorithm developed by Ron Rivest, Adi Shamir and Len Adleman that gave us privacy and authentication for the web. To RSVP and for directions, email [EMAIL PROTECTED] or [EMAIL PROTECTED]
[CryptoRights] SECURITY ALERT!! (RSA Expiration/Benefit)
(msg: join us at the party! :) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 *** F O R I M M E D I A T E R E L E A S E *** (or even sooner! :) CryptoRights Benefit RSA Expiration Party SECURITY ALERT!! CRF Advisory CA-2000-09-20 Passphrase Compromise Failure in: http://cryptorights.org/events/passphrase.html Original release date: September 20, 2000 Last revised: September 20, 2000 Source: CRF A complete revision history is not at the end of this file. Systems Affected All partygoer humans running the "passphrase.html" service Overview Sharp-eared cryptanalysts have discovered that the SECRET PASSPHRASE for the massive CryptoRights Benefit Complementary RSA Patent Expiration Party -- scheduled for tomorrow 21 Sept 2000 at the Great American Music Hall in San Francisco from 8:00-1:30 -- has not yet been COMPLETELY COMPROMISED!! Shocked party admins, faced with a lack of SECURITY BREACHES (a few of the ~500 RSVPs apparently didn't LEAK THE INFORMATION to HACKER ACCOMPLICES fast enough), have nevertheless released a PASSPHRASE BUG PATCH (within minutes!). The NEW PASSPHRASE is: "Secure Your Human Rights!" This passphrase, being the CryptoRights Motto (and therefore easily guessable) has been DETERMINED TO BE STRONG ENOUGH (for benefit work). Naturally, this system is designed to be as prone to BUFFER OVERFLOWS and other INSECURITIES as humanly possible, so the OLD PASSPHRASE (which was "I will never forge the passphrase") will STILL WORK because some party admin will not get this email until after the party and will forget to revoke it after the fact. We appreciate your keeping this information from yourself for as long as possible (ten seconds should be enough ...wait for it), then LEAKING IT TO THE PRESS and all your friends. dave -BEGIN PGP SIGNATURE- Version: PGP 'Leventy-Zillion Ninety-Four Point Six and a Half. iQA/AwUBOckku5BN/qMowCmvEQIX6gCgpmmbHTHqXYc0KcBEhS70UryHCjAAnj1v rfrS+gFvJNk8BWL0Ep5u013R =aw4m -END PGP SIGNATURE- Party Update! http://cryptorights.org/events/patent-benefit.html#updates Schedule: http://cryptorights.org/events/benefit-schedule.html Tell Friends! mailto:INSERT-EMAIL?subject=http://cryptorights.org/benefit
Error in announcement [ANNOUNCE: OpenSSL 0.9.6 beta 3 (Final beta)]
The announcement that was just sent out contained an error. The following tarballs were mentioned: openssl-0.9.6-beta2.tar.gz openssl-engine-0.9.6-beta2.tar.gz The correct files are of course: openssl-0.9.6-beta3.tar.gz openssl-engine-0.9.6-beta3.tar.gz My appologies. -- Richard Levitte [EMAIL PROTECTED] OpenSSL Project http://www.openssl.org/~levitte/ Software Engineer, Celo Communications: http://www.celocom.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Command-line tools supporting both PKCS#12 and PKCS#11
Can someone provide or point to a list of tokens which support the PKCS-11 ("Cryptoki" interface? TIA!