Email end-to-end: PGP, PGP/MIME, S/MIME. Not tunnel SSL or SSL
at the end points.
Lars Eilebrecht wrote:
According to Ed Gerck:
But encryption and authentication are a hassle today, with less
than 2% of all email encrypted (sorry, can't cite the source I know).
Are these 2% 'only' S/MIME and PGP-
According to Ed Gerck:
> But encryption and authentication are a hassle today, with less
> than 2% of all email encrypted (sorry, can't cite the source I know).
Are these 2% 'only' S/MIME and PGP-encrypted email messages or
is SSL-encrypted email communication included?
ciao...
--
Lars Eilebrec
minor ref:
Hospital Adopts PGP Universal For HIPAA Compliance
http://www.compliancepipeline.com/showArticle.jhtml?articleID=21401313
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTE
At 05:15 AM 6/2/2004, Ben Laurie wrote:
SPF will buy me one thing forever: I won't get email telling me I sent
people spam and viruses.
Unfortunately, that won't work for me.
My email address is at pobox.com, the mail forwarding service
where the main proponent of SPF works,
but my SMTP service is
Peter Gutmann wrote:
No they won't. All the ones I've seen are some variant on the "build a big
wall around the Internet and only let the good guys in", which will never work
because the Internet doesn't contain any definable inside and outside, only
800 million Manchurian candidates waiting to ac
On Mon, May 31, 2004 at 08:27:49PM -0700, bear wrote:
> >The point of an automated web of trust is that the machine is doing the
> >accounting for you.
>
> Does it? If there were meaningful reputation accounting
You got fooled by the present tense. If there was such an architecture, I
wouldn't
On Mon, 31 May 2004, Eugen Leitl wrote:
>> The bigger problem is that webs of trust don't work.
>> They're a fine idea, but the fact is that nobody keeps
>> track of the individual trust relationships or who signed
>
>The point of an automated web of trust is that the machine is doing the
>accou
On Sun, May 30, 2004 at 12:36:53PM -0700, bear wrote:
> > > If I'm a node in a web of trust (FOAF is a human), prestige will
> > > percolate through it completely. That way I can color a whole
> > > domain with a nonboolean trust hue, while a domain of fakers will
> > > have only very few connecti
On Sun, May 30, 2004 at 12:36:53PM -0700, bear wrote:
> The bigger problem is that webs of trust don't work.
> They're a fine idea, but the fact is that nobody keeps
> track of the individual trust relationships or who signed
> a key; few people even bother to find out whether there's
> a path of
On Sat, 29 May 2004, Russell Nelson wrote:
>Eugen Leitl writes:
> > If I'm a node in a web of trust (FOAF is a human), prestige will
> > percolate through it completely. That way I can color a whole
> > domain with a nonboolean trust hue, while a domain of fakers will
> > have only very few conn
Eugen Leitl writes:
> If I'm a node in a web of trust (FOAF is a human), prestige will
> percolate through it completely. That way I can color a whole
> domain with a nonboolean trust hue, while a domain of fakers will
> have only very few connections (through compromises, or human
> mistakes)
On Fri, 28 May 2004, Anne & Lynn Wheeler wrote:
>connecting systems that were designed for fundamentally safe and isolated
>environment to wide-open anarchy hostile operation exposes all sorts of
>problems. somewhat analogous to not actually needing a helmet for riding a
>motorcycle ... or seat
On Fri, May 28, 2004 at 09:46:03AM -0700, bear wrote:
> Spam won't stop until spam costs the spammers money.
If I'm a node in a web of trust (FOAF is a human), prestige will
percolate through it completely. That way I can color a whole domain with a
nonboolean trust hue, while a domain of fakers
On Sat, 29 May 2004, Peter Gutmann wrote:
>"Anton Stiglic" <[EMAIL PROTECTED]> writes:
>
>>I think cryptography techniques can provide a partial solution to spam.
>
>No they won't. All the ones I've seen are some variant on the "build a big
>wall around the Internet and only let the good guys i
At 09:27 AM 5/28/2004, Peter Gutmann wrote:
No they won't. All the ones I've seen are some variant on the "build a big
wall around the Internet and only let the good guys in", which will never work
because the Internet doesn't contain any definable inside and outside, only
800 million Manchurian c
"Anton Stiglic" <[EMAIL PROTECTED]> writes:
>I think cryptography techniques can provide a partial solution to spam.
No they won't. All the ones I've seen are some variant on the "build a big
wall around the Internet and only let the good guys in", which will never work
because the Internet does
Ian Grigg writes:
> Email will continue to defy the mass employment of crypto, although
> if someone were to add a "create self-signed cert now" button,
> things might improve.
Working on it: http://antispam.yahoo.com/domainkeys
> j. a cryptographic solution for spam and
> viruses won't b
Ian Grigg wrote:
... fundamentally, as Steve suggests,
we expect email from anyone, and it's free.
We have to change one of those basic features
to stop spam. Either make it "non-free," or
make it "non-authorised." Hashcash doesn't
achieve either of those, although a similar
system such as a pa
Ben Laurie wrote:
Steven M. Bellovin wrote:
The spammers are playing with other people's money, cycles, etc. They
don't care.
We took that into account in the paper. Perhaps you should read it?
http://www.dtc.umn.edu/weis2004/clayton.pdf
(Most of the people on this list are far too
professiona
In message <[EMAIL PROTECTED]>, Ben Laurie writes:
>Steven M. Bellovin wrote:
>> In message <[EMAIL PROTECTED]>, "Anton Stiglic" write
>s:
>>
>>>- Original Message -
>>>From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
>>>
>j. a cryptographic solution for spam and
>viruses won't be
In message <[EMAIL PROTECTED]>, "Anton Stiglic" writes:
>
>- Original Message -
>From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
>
>> >
>> >j. a cryptographic solution for spam and
>> >viruses won't be found.
>>
>> This ties into the same thing: spam is *unwanted* email, but it's not
>>
At 09:36 AM 5/11/2004, Steven M. Bellovin wrote:
In message <[EMAIL PROTECTED]>, Ian Grigg writes:
> Security architects
>will continue to do most of their work with
>little or no crypto.
And rightly so, since most security problems have nothing to do with
the absence of crypto.
>
>j. a cryptograp
- Original Message -
From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
To: "Ian Grigg" <[EMAIL PROTECTED]>
Cc: "Graeme Burnett" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, May 11, 2004 11:36 AM
Subject: Re: The future of s
[EMAIL PROTECTED] wrote:
> Would anyone there have any good predictions on how
> cryptography is going to unfold in the next few years
> or so? I have my own ideas, but I would love
> to see what others see in the crystal ball.
>
I'd like to think we would see a new flowering of c
[EMAIL PROTECTED] wrote:
Would anyone there have any good predictions on how
cryptography is going to unfold in the next few years
or so? I have my own ideas, but I would love
to see what others see in the crystal ball.
prediction:
just as in the 1990s the commercial world caught
In message <[EMAIL PROTECTED]>, Ian Grigg writes:
> Security architects
>will continue to do most of their work with
>little or no crypto.
And rightly so, since most security problems have nothing to do with
the absence of crypto.
>
>j. a cryptographic solution for spam and
>viruses won't be fou
At 8:21 PM +0100 4/26/04, Graeme Burnett wrote:
Hello folks,
I am doing a presentation on the future of security,
which of course includes a component on cryptography.
That will be given at this conference on payments
systems and security: http://www.enhyper.com/paysec/
Would anyone there have any
I've moved this to the top because I feel it is the most important statement
that can be made
Hadmut said :
> Security doesn't
> necessarily mean cryptography.
- Original Message -
From: "Hadmut Danisch" <[EMAIL PROTECTED]>
Subject: Re: The future of secu
further observations about mixing authentication signing and
signature signing ... as well as nature of naked public keys ...
recently posted to thread in sci.crypt:
http://www.garlic.com/~lynn/2004e.html#20 Soft signatures
and "the future of security" ... somewhat orthogonal to cryptography ...
Ian Grigg wrote:
Graeme Burnett wrote:
Hello folks,
I am doing a presentation on the future of security,
which of course includes a component on cryptography.
That will be given at this conference on payments
systems and security: http://www.enhyper.com/paysec/
Would anyone there have any good
Graeme Burnett wrote:
Hello folks,
I am doing a presentation on the future of security,
which of course includes a component on cryptography.
That will be given at this conference on payments
systems and security: http://www.enhyper.com/paysec/
Would anyone there have any good predictions on how
Many thanks to the list members who have contributed ideas to the above -
I'll share the results by previewing the paper in the next few weeks if I
may.
Having been a devotee of the financial crypto community for many years, a
thought has just occurred to me about the possible use of Systemics
Ric
Would anyone there have any good predictions on how
cryptography is going to unfold in the next few years
or so? I have my own ideas, but I would love
to see what others see in the crystal ball.
prediction:
just as in the 1990s the commercial world caught up to
the mil world i
On Mon, Apr 26, 2004 at 08:21:43PM +0100, Graeme Burnett wrote:
>
> Would anyone there have any good predictions on how
> cryptography is going to unfold in the next few years
> or so? I have my own ideas, but I would love
> to see what others see in the crystal ball.
My guess is that it is un
Hello folks,
I am doing a presentation on the future of security,
which of course includes a component on cryptography.
That will be given at this conference on payments
systems and security: http://www.enhyper.com/paysec/
Would anyone there have any good predictions on how
cryptography is going
35 matches
Mail list logo
