> On Oct 6, 2013, at 5:23 PM, exar...@twistedmatrix.com wrote:
>
> On 6 Oct, 11:02 pm, tobias.oberst...@tavendo.de wrote:
Personally, I assume root CA private keys of any CA vendor are owned by
the NSA anyway.
>>>
>>> There's no rule that says you have to use a "root CA" signed certif
On 6 Oct, 11:02 pm, tobias.oberst...@tavendo.de wrote:
Personally, I assume root CA private keys of any CA vendor are owned
by
the NSA anyway.
There's no rule that says you have to use a "root CA" signed
certificate
for your TLS connections.
Sure, in theory, but there are multiple practica
>> Personally, I assume root CA private keys of any CA vendor are owned by
>> the NSA anyway.
>
> There's no rule that says you have to use a "root CA" signed certificate
> for your TLS connections.
Sure, in theory, but there are multiple practical problems when using
self-signed certs or certs s
On 02:51 pm, tobias.oberst...@tavendo.de wrote:
.. , since I like compression but I also send credentials over TLS :)
IMHO, credentials should never be sent over the wire (be it encrypted
or not) and never be stored in plaintext.
FWIW, Autobahn provides a challenge-response authentication sc
>.. , since I like compression but I also send credentials over TLS :)
IMHO, credentials should never be sent over the wire (be it encrypted or not)
and never be stored in plaintext.
FWIW, Autobahn provides a challenge-response authentication scheme ("WAMP_CRA")
that also allows for salted/hash
On 5 Oct, 02:24 pm, tobias.oberst...@tavendo.de wrote:
Hi,
AutobahnPython 0.6.3 was just released to PyPi
https://pypi.python.org/pypi/autobahn with lots of new features,
including _WebSocket compression_, an upcoming extension to the
WebSocket protocol.
Heya Tobias,
Great news! Thanks fo
>>If above sounds OT for this list, in one way probably, but when looking from
>>the angle: competitive advantage of Python/Twisted and opportunities for
>>expanding the community and actively promoting Twisted, I'd say it's on
>>topic.
>While I appreciate showing respect for the list membership's
>If I get a chance, I'll try to apply the recent attacks by Rizzo et al. on TLS
>compression and the compressed stream over TLS equivalent by Prado et al.,
>since I like >compression but I also send credentials over TLS :)
I guess you are referring to CRIME/BEAST, right?
I haven't had a deep lo
Congratulations! Please keep the announcements coming.
If I get a chance, I'll try to apply the recent attacks by Rizzo et al. on
TLS compression and the compressed stream over TLS equivalent by Prado et
al., since I like compression but I also send credentials over TLS :)
cheers
lvh