Re: Exponent 3 damage spreads...

2006-09-11 Thread Thierry Moreau
Jostein Tveit wrote: Ben Laurie <[EMAIL PROTECTED]> writes: ...thought this might interest people here. Anyone got a test key with a real and a forged signature to test other implementations than OpenSSL? If I understand the attack mathematics correctly, the following algorithm shoul

Re: secure key storage APIs

2006-09-11 Thread Ivan Krstić
Travis H. wrote: > Does anyone know of any OSS OS facilities for managing keys? Take a look at the GNOME Keyring: http://en.wikipedia.org/wiki/GNOME_Keyring http://cvs.gnome.org/viewcvs/gnome-keyring/ In addition, various frontends exist to GnuPG, e.g. KGPG. It's not yet clear, but I might ha

Re: secure key storage APIs

2006-09-11 Thread Ivan Krstić
Perry, please merge with my previous message; I hit 'send' by mistake. Also, the following are of general interest: Henson S., `Netscape certificate database info`: http://www.drh-consultancy.demon.co.uk/cert7.html Henson S., `Netscape key database format`: http://www.drh-consultancy.dem

Re: Exponent 3 damage spreads...

2006-09-11 Thread Jostein Tveit
Ben Laurie <[EMAIL PROTECTED]> writes: > ...thought this might interest people here. Anyone got a test key with a real and a forged signature to test other implementations than OpenSSL? Thanks in advance. Regards, -- Jostein Tveit <[EMAIL PROTECTED]> --

Re: Exponent 3 damage spreads...

2006-09-11 Thread Ben Laurie
James A. Donald wrote: > -- > James A. Donald wrote: >> > What is the penetration of Secure DNS? > > Ben Laurie wrote: >> Anyone who is running any vaguely recent version of >> BIND is DNSSEC enabled, whether they are using it now >> or not. > > I am not well informed about DNSSEC, but I am u

Re: secure key storage APIs

2006-09-11 Thread Thomas
> Any considerations that I'm missing? Something more general than *-agent but not part of the core-OS might be Novell's CASA. AFAICR it is open source and part of newer SUSE Linux distributions... Thomas -- Tom <[EMAIL PROTECTED]> fingerprint = F055 43E5 1F3C 4F4F 9182 CD59 DBC6 111A 8516 8

Re: Exponent 3 damage spreads...

2006-09-11 Thread Peter Gutmann
Ben Laurie <[EMAIL PROTECTED]> quotes: >Since I've been told often that most of the world won't upgrade resolvers, >presumably most of the world will be vulnerable to this problem for a long >time. What you really meant to say was "most of the vanishingly small proportion of the world that bother

Re: Raw RSA

2006-09-11 Thread Alexander Klimov
On Sun, 10 Sep 2006, James A. Donald wrote: > Could you describe this attack in more detail. I do not see a > scenario where it would be useful. Suppose that an attacker runs an ActiveX control on the user's computer and the control is able to ask a smart card connected to the computer to perform

Re: Exponent 3 damage spreads...

2006-09-11 Thread James A. Donald
-- James A. Donald wrote: > > What is the penetration of Secure DNS? Ben Laurie wrote: > Anyone who is running any vaguely recent version of > BIND is DNSSEC enabled, whether they are using it now > or not. I am not well informed about DNSSEC, but I am under the impression that: 1. Actuall

Re: IGE mode is broken (Re: IGE mode in OpenSSL)

2006-09-11 Thread James A. Donald
Typo: James A. Donald wrote: Let P(k) be the kth block of plain text. We prepend a random block, P(0) to the text, and append a fixed block to the end. If anything is altered, the fixed block at the end will not contain the expected data, but will be gibberish. The adversary knows every block