of https: URIs.
However, new application protocols built atop HTTP, such as the
Internet Printing Protocol [7], call for just such a mechanism in
order to move ahead in the IETF standards process.
-Ekr
__
Apache Interface
his client and server pair, you can often get a pretty
good idea of what the first encrypted message is.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.c
Karl Denninger [EMAIL PROTECTED] writes:
On Mon, Mar 06, 2000 at 02:10:42PM -0800, EKR wrote:
The generation, no. However, in order for people sending you mail
to be sure that they are not subject to active key substitution
attacks, they key pair does need to be securely bound
rely bound to the
recipient. Unless you're prepared to exchange keys with all of your
correcpondents out of band, you do need third party key certification.
PGP accomplishes this using key signing rather than certificates
per se, but it's an analagous concept.
-Ekr
--
[Eri
n issue them.
The technical enforcement of this, of course, is done by Netscape and MS,
but they're restricted in what they can do by the feds, who can refuse
export licenses if the software doesn't behave the way they like.
Of course, all this is probably moot in the face of the new export
l
over an open network,
SSH allows you to store the server keys so you're only at risk
for man-in-the-middle once. This is significantly better than
anonymous DH where you're always at risk.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3
does not, then the answer is that it's far far worse.
In the SSH case, the attacker still can't get at your
password -- provided that you check the server's RSA key
against the one you know matches that server. With SSL and
ADH, an active attacker can recover any data you send over
the channel.
-Ekr
"Joseph R. Junkin" [EMAIL PROTECTED] writes:
EKR wrote:
Now, not all 56-bit modes are equally fast. RC4 in 56 mode
(one of the experimental cipher suites)
All I am concerned with right now are what is supported by typical IE
and Netscape users, both US and non-US.
So the
suites
using +ADH or somesuch.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://www.rtfm.com/puretls/
__
Apache Interface
"Joseph R. Junkin" [EMAIL PROTECTED] writes:
EKR wrote:
"Joseph R. Junkin" [EMAIL PROTECTED] writes:
I want to run a site with the lowest possible encryption for the highest
performance.
Encryption and performance are not mutually opposed in the way
yo
Simon Weijgers [EMAIL PROTECTED] writes:
However, if you're talking to an export browser then you'll
end up with 512 bits of security but it will be as slow
as 768 bits because of ephemeral RSA mode. [0]
-Ekr
[0] Yes, I know that 512 bit ephemeral RSA isn't exactly
the same
be as slow
as 768 bits because of ephemeral RSA mode. [0]
-Ekr
[0] Yes, I know that 512 bit ephemeral RSA isn't exactly
the same security wise as 512 bit static, but they're
close to a first order.
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free
our choice. Under
a lot of conditions, it's easy to arrange to receive the
return traffic as well. Imagine, for instance, that the attacker
is on the same network as the machine he's trying to impersonate.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
Pure
a little ugly.
If I manage to produce a shippable patch, I'll post it.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software for Java
http://
h with the patch from Apache 2.4.2,
things compile corectly. Under very light testing,
they don't seem to crash.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
PureTLS - free SSLv3/TLS software fo
15 matches
Mail list logo
