Re: Crypto and UI issues

2005-12-19 Thread Travis H.
On 12/18/05, Ben Laurie <[EMAIL PROTECTED]> wrote: > > It would happen at least as much as it happens with > > https, and it happens enough with https that false > > negatives enormously outweigh true negatives. > > True, but I don't see false negatives very often with https at all. And > I visit f

Re: Crypto and UI issues

2005-12-19 Thread James A. Donald
-- James A. Donald: > > My two most recent logins were with "First National > > Bank of Omaha" and "Your IBM Savings plan" > > > > Is "firstnational.com" the same entity as "First > > National Bank of Omaha"? Is > > "https://lb22.resources.hewitt.com" the same entity > > as "Your IBM Savin

Re: Crypto and UI issues

2005-12-18 Thread Ben Laurie
James A. Donald wrote: > -- > "James A. Donald" >>> Let us imagine that SSH had certified keys. Well, >>> certifying a key is bound to be complicated, and >>> things are bound to go wrong, and the name that you >>> bind it to is bound to be somewhat shifty. > > Ben Laurie >> I don't see wh

Re: Crypto and UI issues

2005-12-18 Thread James A. Donald
-- "James A. Donald" > > Let us imagine that SSH had certified keys. Well, > > certifying a key is bound to be complicated, and > > things are bound to go wrong, and the name that you > > bind it to is bound to be somewhat shifty. Ben Laurie > I don't see why that would happen all that muc

Re: Crypto and UI issues

2005-12-17 Thread Ben Laurie
James A. Donald wrote: > -- > From: Ben Laurie <[EMAIL PROTECTED]> > >>if the key changes in OpenSSH you can't connect until >>you take positive action by deleting the old key from >>the known_hosts file. This is totally different to >>accepting a new key. >> >>I will agree

Re: Crypto and UI issues

2005-12-17 Thread Damien Miller
David Mercer wrote: > And my apologies to Ben Laurie and friends, but why after all these > years is the UI interaction in ssh almost exactly the same when > accepting a key for the first time as overriding using a different one > when it changed on the other end, whether from mitm or just a > ke

Re: Crypto and UI issues

2005-12-16 Thread James A. Donald
-- From: Ben Laurie <[EMAIL PROTECTED]> > if the key changes in OpenSSH you can't connect until > you take positive action by deleting the old key from > the known_hosts file. This is totally different to > accepting a new key. > > I will agree that something better than ju

Re: Crypto and UI issues

2005-12-16 Thread Ben Laurie
David Mercer wrote: >>>Horrible, horrible UI, and I'm not sure what's worse, that or trying >>>to USE pgp (gpg, whatever) from a command line, or getting it >>>integrated into a gui mail client. >> >>Two words: Thunderbird, enigmail. > > > Sorry, I've become totally addicted to gmail and just can

Re: Crypto and UI issues

2005-12-16 Thread David Mercer
On 12/15/05, Ben Laurie <[EMAIL PROTECTED]> wrote: > David Mercer wrote: > Thanks for the apology, but ... ssh is not my fault. Sorry, crosswired openssl and openssh in my brain! > I will agree that something better than just showing you the key would > be cool. Like maybe it could be signed by s

Re: Crypto and UI issues

2005-12-16 Thread Ben Laurie
David Mercer wrote: > And my apologies to Ben Laurie and friends, but why after all these > years is the UI interaction in ssh almost exactly the same when > accepting a key for the first time as overriding using a different one > when it changed on the other end, whether from mitm or just a > key

Crypto and UI issues

2005-12-13 Thread David Mercer
(Hopefully this is sent as ASCII, as I had previously set my gmail to send in utf-8 encoding, as I often send email in French as well as English. -djm) On 12/11/05, James A. Donald <[EMAIL PROTECTED]> wrote: > It is not my position that inability to sign means that > the chairman of the board is s