Re: [cryptography] Request - PKI/CA History Lesson - the definition of trust

2014-05-04 Thread John Levine
In article you write: >On 2014-05-03, at 3:22 AM, wrote: > >> Frankly, if we could "trust" in DNS, we would not need to "trust" in >> web-PKIX [2] - since the one is just the bandaid for the other. > >Have you forgotten that routing can be subverted? > >Just because you are talking to the right

Re: [cryptography] [Cryptography] Announcing ClearCrypt: a new transport encryption library

2014-05-04 Thread Tony Arcieri
On Sun, May 4, 2014 at 6:38 PM, Greg wrote: > Can you discuss your thoughts on those two, the pros and cons of each, why > you chose one over the other, and whether you'll consider changing your > mind? ^_^ > No specific choices have been made yet. CurveCP and MinimaLT are both valid options. A

Re: [cryptography] [Cryptography] Announcing ClearCrypt: a new transport encryption library

2014-05-04 Thread Greg
Very cool stuff Tony! Major props to you on getting this going! =D I'm not super familiar with CurveCP, but was rather impressed with MinimaLT after reading their paper. Can you discuss your thoughts on those two, the pros and cons of each, why you chose one over the other, and whether you'll

Re: [cryptography] Request - PKI/CA History Lesson - the definition of trust

2014-05-04 Thread Greg
On May 4, 2014, at 6:39 PM, Jeffrey Goldberg wrote: > On 2014-05-03, at 3:22 AM, wrote: > >> Frankly, if we could "trust" in DNS, we would not need to "trust" in >> web-PKIX [2] - since the one is just the bandaid for the other. > > Have you forgotten that routing can be subverted? > > Just

Re: [cryptography] Announcing ClearCrypt: a new transport encryption library

2014-05-04 Thread Peter Maxwell
On 4 May 2014 23:54, Tony Arcieri wrote: > > > The project is presently complete vaporware, but the goal is to produce a > Rust implementation of a next generation transport encryption library. The > protocol itself is still up for debate, but will likely be based off > CurveCP or Noise. > > > W

Re: [cryptography] Request - PKI/CA History Lesson - the definition of trust

2014-05-04 Thread Jeffrey Goldberg
On 2014-05-03, at 3:22 AM, wrote: > Frankly, if we could "trust" in DNS, we would not need to "trust" in > web-PKIX [2] - since the one is just the bandaid for the other. Have you forgotten that routing can be subverted? Just because you are talking to the right IP address doesn’t mean you are

[cryptography] Announcing ClearCrypt: a new transport encryption library

2014-05-04 Thread Tony Arcieri
ClearCrypt's goal is to produce a minimalist transport encryption library written in a memory-safe language: Rust. Web site: http://clearcrypt.org/ The problem: http://clearcrypt.org/tls/ Github repo: https://github.com/clearcrypt/clearcrypt The project is presently complete vaporware, but the go