I agree, multisignatures seem prudent. So does multiple public key
encryption algorithms for symmetric key exchange. Why risk a breakthrough
against one?
Cheers,
William
-Original Message-
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf
Of Peter Todd
Sent: Friday
Yes, we're looking at ways to extend the open source grant. GPL will most
likely be only the first step.
William
- sent from my phone
On Nov 28, 2013 5:14 AM, "CodesInChaos" wrote:
> Have you considered a patent licence that applies to all open source
> software, similar to Rogaway's OCB Licens
We’re getting a lot of feedback that this isn’t clear, and we’ll make sure
it is clarified. Also, it’s not clear that this grant is meant to be
irrevocable; we’ll fix that too.
William
*From:* William Whyte [mailto:wwh...@securityinnovation.com]
*Sent:* Wednesday, November 27, 2013 6:40 PM
It's meant to be 2 and later. Sorry if this isn't clear, we'll revise the
license text.
William
- sent from my phone
On Nov 27, 2013 6:28 PM, "Lars Luthman" wrote:
> So the news is that it can be used for GPL software without patent
> issues? If so that's nice, but the various documents are a b
Just to be clear, NIST haven't endorsed NTRU for use, but they did speak
favourably of it in a report on quantum-secure crypto.
William
On Mon, Aug 5, 2013 at 7:04 AM, Eugen Leitl wrote:
> - Forwarded message from Gregory Maxwell -
>
> Date: Sun, 4 Aug 2013 23:41:57 -0700
> From: Greg
Does anyone know if this attack took the expected amount of time
(confirming the strength of this particular curve), or significantly less
(in which case it’s something to be concerned about)?
William
*From:* cryptography-boun...@randombit.net [mailto:
cryptography-boun...@randombit.net] *On
You can obviously prove it in the case where Alice claims she knows
SHA-1(SHA-1(m)), which seems to be the same claim.
William
> -Original Message-
> From: cryptography-boun...@randombit.net [mailto:cryptography-
> boun...@randombit.net] On Behalf Of Francois Grieu
> Sent: Wednesday, Febr
> > But really, I think that code signing is a great thing, it's just
being done
> wrong because some people seem to think that spooky action at a distance
> works with bits.
>
> The question at hand is this: what is the meaning of expiration or
revocation
> of a code-signing certificate? That I c
@randombit.net; pgut...@cs.auckland.ac.nz;
wwh...@securityinnovation.com
Subject: RE: [cryptography] How are expired code-signing certs revoked?
William Whyte writes:
>I would say that you shouldn't *install* signed software after the
>signing cert expires, but if you installed it before expiry
Cute scenario!
I would say that you shouldn't *install* signed software after the signing
cert expires, but if you installed it before expiry it's still safe to use
it.
In general, you shouldn't act based on a certificate if you don't know
it's trustworthy (obviously), but the action in question
10 matches
Mail list logo