RE: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Rick Smith
At 02:25 PM 05/19/2000 -0400, Arnold G. Reinhold wrote: > . But a cooperative relationship between Microsoft and NSA >(or any vendor and their local signals security agency) can be more >subtle. What if Microsoft agreed not to fix that bug? What if >Microsoft gives NSA early access to sou

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Andrew Loewenstern
David Honig wrote: > The *only* reason for using DES (or 3DES) is legacy systems, ie, backwards > interop. IPSec stacks (like *all* crypto things) should come with, and > negotiate to use, better crypto when they can. Which should be most of the > time, given how new both sides of most links wil

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread William Allen Simpson
-BEGIN PGP SIGNED MESSAGE- "L. Sassaman" wrote: > On Wed, 17 May 2000, Dennis Glatting wrote: > > > > Frankly, I can't understand why the IPsec protocol still allows DES. It > > > should require strong encryption. Having DES in a product these days > > > makes about as much sense as mand

RE: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Arnold G. Reinhold
Someone made the comment in this thread (I can't seem to find it again) that a bug in MS security that counts as a hole, not a backdoor. But a cooperative relationship between Microsoft and NSA (or any vendor and their local signals security agency) can be more subtle. What if Microsoft agreed

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, Paul Crowley writes: >I'm guessing that they have to have a MUST cipher, and they don't want >to change twice, so it makes sense to wait until September and then >make AES (or AES primary) the only MUST cipher. Correct. --Steve Bellovin

Re: GPS integrity

2000-05-19 Thread John Gilmore
> This makes it quite possible to detect this kind of simple > spoofing by using two or more GPS antennas located a known distance from > each other and checking to see that the positions computed from the > signal out of each one differ by the known distances. Sounds like some interested

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread David Honig
At 12:56 AM 5/19/00 -0500, John Kelsey wrote: >few thousand known plaintexts), that fact will be kept secret. Which >means that they will have to be *very* careful making any use of >information recovered from that break, to avoid leaking the fact that >they can break it. >- --John Kelsey, [EMAIL

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Derek Atkins
Actually, the SAAG voted to drop DES from IPsec back in, oh, the Minneapolis IETF in March '99 (IIRC). I think the problem is that nobody has revved the IPsec docs. -derek Paul Crowley <[EMAIL PROTECTED]> writes: > "L. Sassaman" <[EMAIL PROTECTED]> writes: > > > > Frankly, I can't understand w

htaccess help

2000-05-19 Thread John Young
[This isn't cryptography related, but helping John keep his web site of useful crypto information working well helps the community, so I'm allowing it. If you aren't a web server type who knows how to help, you probably want to delete this now. --Perry] We need help on analyzing the adverse effec

Re: IP: FBI insists it can tap e-mail without a warrant

2000-05-19 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, "Perry E. Metzger" writes: >> >>As interpreted by the FCC, the act also would require telecommunications >>providers to turn over "packet-mode communications" - such as those that >>carry Internet traffic - without the warrant required for a phone wiretap. I thi

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Sandy Harris
Paul Kierstead wrote: > > > Frankly, I can't understand why the IPsec protocol still > > allows DES. It > > should require strong encryption. Having DES in a product > > these days makes > > about as much sense as mandating the usage of ROT13. > > OK, so I want to prevent some regular, every-day

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread John Kelsey
-BEGIN PGP SIGNED MESSAGE- At 08:58 AM 5/18/00 -0400, Russell Nelson wrote: >L. Sassaman writes: > > PGP's source code has always been available for public review. > > This has not changed. There are no "back doors" for the NSA in > > PGP, > >Unless they are particularly subtle ones, bas

Re: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread Paul Crowley
"L. Sassaman" <[EMAIL PROTECTED]> writes: > > > Frankly, I can't understand why the IPsec protocol still allows DES. > > > > We are waiting for AES. > > So am I correct in assuming you are saying that DES will be disallowed as > part of the IPsec protocol when AES is finalized? > > This would b

RE: Critics blast Windows 2000's quiet use of DES instead of 3DES

2000-05-19 Thread David Honig
At 10:03 AM 5/18/00 -0400, Paul Kierstead wrote: >OK, so I want to prevent some regular, every-day hackers from picking up my >traffic. Or I just want reasonable protection for my passwords in Telnet or >FTP. You are saying that some guy in his basement can break DES? There's a lot of spare cycl