"the notification is of no use to me." Then ignore/killfile the notifications. But many others see benefit from advance notice and starting to crank up their patch machinery. Even if they end up not patching, they seem to find it worthwhile as "disaster prep."
This is wrong. We're not trying to protect against National-Scale Adversaries, who probably have all the traffic the want, anyway. immediate full disclosure means that any script kiddie or criminal gets access immediately. That would be bad.
Emilia from the OpenSSL team just published a good blog post that explains some of the "twists" of logjam, and also what OpenSSL is doing about it. It's here: http://openssl.org/blog/blog/2...
A friend's kid was watching the tracker. His network glitched and for a minute he got the [X] icon instead of the sleigh image. He started crying that Santa got blown up.
From uunet!research.att.com!dmr Tue Oct 17 03:35:50 1989
Return-Path:
Received: from uunet.UUCP by world.std.com (4.0/SMI-4.0)
id AA27107; Tue, 17 Oct 89 03:35:50 EDT
From: uunet!research.att.com!dmr
Received: from inet.att.com by uunet.uu.net (5.61/1.14) with SMTP
id AA15993; Tue, 17 Oct 89 03:21:50 -0400
Message-Id:
Date: Tue, 17 Oct 89 03:15:37 EDT
To: msgs@world.std.com
Subject: printf
I remember their daily message (msgs) had "Hello, world -- dmr" for the longest time.
Also that Barry had very long discussions with NSFNet folks (Steven Wolffe?) about AUP, as the first commercial ISP.
From their website: "DES and the International Data Encryption Algorithm (IDEA) are the two most commonly used symmetric techniques." Totally wrong. Doesn't make you feel good about them as a security company.
This shouldn't be an issue, because the HTTPS rules say that the IPaddress must match, as well as the alternate names if present. Unfortunately, user's are convinced to tell their software to break the rules because PKI operations are handled so poorly.
The IETF is an amazingly transparent organization that has consistently "delivered the goods" with almost no back-room politics. ICANN is its exact opposite, perhaps reaching a nadir when one of its own board members had to sue to see the financial records. Why doesn't ICANN operate in a completely transparent manner? Do you feel the slightest bit uncomfortable with its policies and procedures? Given your background, Welch's comments in the McCarthy Army hearings come to mind.
The tools we used to do this are at https://github.com/openssl/too...
please contact license@openssl.org so we can make sure we handle your contributions properly.
CFRG meeting. Mixing post-QC RNG into the TLS pre-master secret.
Forward secrecy even if QC cracks RSA or ECC.
"the notification is of no use to me." Then ignore/killfile the notifications. But many others see benefit from advance notice and starting to crank up their patch machinery. Even if they end up not patching, they seem to find it worthwhile as "disaster prep."
This is wrong. We're not trying to protect against National-Scale Adversaries, who probably have all the traffic they want, anyway. Immediate full disclosure means that any script kiddie or criminal gets access immediately. That would be bad.
Emilia from the OpenSSL team just published a good blog post that explains some of the "twists" of logjam, and also what OpenSSL is doing about it. It's here: http://openssl.org/blog/blog/2...
A friend's kid was watching the tracker. His network glitched and for a minute he got the [X] icon instead of the sleigh image. He started crying that Santa got blown up.
Someone sent me a copy:
From uunet!research.att.com!dmr Tue Oct 17 03:35:50 1989
Return-Path:
Received: from uunet.UUCP by world.std.com (4.0/SMI-4.0)
id AA27107; Tue, 17 Oct 89 03:35:50 EDT
From: uunet!research.att.com!dmr
Received: from inet.att.com by uunet.uu.net (5.61/1.14) with SMTP
id AA15993; Tue, 17 Oct 89 03:21:50 -0400
Message-Id:
Date: Tue, 17 Oct 89 03:15:37 EDT
To: msgs@world.std.com
Subject: printf
"Hello, world.std.com!\n"
Dennis Ritchie
I remember their daily message (msgs) had "Hello, world -- dmr" for the longest time. Also that Barry had very long discussions with NSFNet folks (Steven Wolffe?) about AUP, as the first commercial ISP.
Those other folks don't deserve to be in the same room as Dan Geer. See his RSA talk http://geer.tinho.net/geer.rsa... for example.
From their website: "DES and the International Data Encryption Algorithm (IDEA) are the two most commonly used symmetric techniques." Totally wrong. Doesn't make you feel good about them as a security company.
Ugh. Drop all that stuff. Who needs it? My gmail folder has 20 messages in it. Lighten your (psychic) load.
This shouldn't be an issue, because the HTTPS rules say that the IP address must match, as well as the alternate names if present. Unfortunately, users are convinced to tell their software to break the rules because PKI operations are handled so poorly.
You might find my "PKI in a web page" useful. It doesn't require sending all certs to all browsers, just the one internal CA cert and includes step-by-step screenshots on how to do that. See https://www.ibm.com/developerworks/mydeveloperworks/blogs/soma/entry/a_pki_in_a_web_page10?lang=en
The IETF is an amazingly transparent organization that has consistently "delivered the goods" with almost no back-room politics. ICANN is its exact opposite, perhaps reaching a nadir when one of its own board members had to sue to see the financial records. Why doesn't ICANN operate in a completely transparent manner? Do you feel the slightest bit uncomfortable with its policies and procedures? Given your background, Welch's comments in the McCarthy Army hearings come to mind.