Tony Finch wrote:
I have the beginnings of a solution to this problem. It is based on using
tlsdate, which gets the time from a server with minimal risk of
interference by a man-in-the-middle.
TLS is another PKI and is inherently insecure as CAs can be
compromised.
As David Conrad wrote in
Hi, Hosnieh,
Do you think it will be relevant to this document or it can be
another informational document only discuss about the
vulnerabilities of cryptographic algorithms?
As I said, it is a known vulnerability. That is, we don't
need a generic new document very much.
However, Snowden
On Fri, Nov 01, 2013 at 03:29:12PM +0900, Masataka Ohta wrote:
TLS is another PKI and is inherently insecure as CAs can be
compromised.
True, but Tony's quorum-based approach could be made exhaustive enough
that the adversary would have to have compromised *every* CA. If they
can do that, I'm
On 1 Nov 2013, at 06:35, Evan Hunt e...@isc.org wrote:
On Fri, Nov 01, 2013 at 03:29:12PM +0900, Masataka Ohta wrote:
TLS is another PKI and is inherently insecure as CAs can be
compromised.
True, but Tony's quorum-based approach could be made exhaustive enough
that the adversary would
On Nov 1, 2013, at 7:57 AM, Derek Atkins de...@ihtfp.com wrote:
It is unclear to me that ECC as a generic technology is bad, although
any specific curves creates by NIST/NSA are certainly suspect.
Having said that, Dual-EC-DRBG is a Random Number Generator, not a Hash,
Public Key, or Cipher
Masataka Ohta mo...@necom830.hpcl.titech.ac.jp writes:
Hi, Hosnieh,
Do you think it will be relevant to this document or it can be
another informational document only discuss about the
vulnerabilities of cryptographic algorithms?
As I said, it is a known vulnerability. That is, we don't
Nicholas Weaver nwea...@icsi.berkeley.edu writes:
On Nov 1, 2013, at 7:57 AM, Derek Atkins de...@ihtfp.com wrote:
It is unclear to me that ECC as a generic technology is bad, although
any specific curves creates by NIST/NSA are certainly suspect.
Having said that, Dual-EC-DRBG is a Random
Derek Atkins wrote:
However, Snowden taught us that we must avoid any fancy
cryptography strongly promoted by NIST, including all the
EC related ones, which may be documented somewhere.
It is unclear to me that ECC as a generic technology is bad, although
any specific curves creates by