... RC4-128 is stronger than 3DES_EDE. Breaking RC4-128 is a matter of 2**128 operations, while 3DES can be broken in a mere 2**112 operations, because of the...
Mike
Michael.Johnson@...
Jul 1, 1997 10:40 am
6072
It's not wise to only examine key length. RC4 is too new a cipher (published in 95, not in the literature, but in source form) to be trusted. I trust 3des...
Adam Shostack
adam@...
Jul 1, 1997 11:34 am
6073
... From: Hossein Akhlaghpour <hossein@...> To: 'ssl-talk@...'; Abdullah M Al-Dossary %166.87.109.11% <dossam1e@...> Subject:...
Jerry Gomez
jgomez@...
Jul 1, 1997 4:46 pm
6074
Actually, 3DES_EDE as specced in SSL uses 3 56-bit keys -- 2**168 that is. Taher...
Taher Elgamal
elgamal@...
Jul 1, 1997 5:08 pm
6075
Hi, I just installed Apache 1.2.0 with SSLeay 0.8.0 using Ben Laurie's Apache-SSL 1.2.0+1.7. My question is: how do I implement client authentication and...
Leon Poon
lpoon@...
Jul 1, 1997 8:17 pm
6076
Look at this document; it talks about that. ... From: Abdullah M Al-Dossary %166.87.109.11% <dossam1e@...> To: 'ssl-talk@...' Date: Tuesday,...
Hossein Akhlaghpour
hossein@...
Jul 1, 1997 8:51 pm
6077
I would suggest using Stronghold. The documentation is at http://www.c2.net/products/stronghold/docs/. You are looking for the SSL_Require directive. -- Sameer...
sameer
sameer@...
Jul 1, 1997 9:00 pm
6078
... We can't currently provide Stronghold for non-commercial use because with the release of Stronghold 2.0 we now have a patent license which does not allow...
sameer
sameer@...
Jul 2, 1997 1:30 am
6079
... I am well aware that Stronghold supports this feature, and I also know that C2Net has a history of providing the web server free for non-commercial use....
Leon Poon
lpoon@...
Jul 2, 1997 1:31 am
6080
CA normally is an applicative software; that means that every attack conducted has to bypass the OS or that this is the strongest attack available. Now the two...
Andrea Borsetti
andreab@...
Jul 2, 1997 8:44 am
6081
CALL FOR PAPERS The Internet Society Symposium on Network and Distributed System Security Where: Catamaran Resort, San Diego, California When: March 11-13,...
Matt Bishop
bishop@...
Jul 2, 1997 7:51 pm
6082
... They're secured in both directions. They're authenticated in both directions only if the optional client authentication is done. Otherwise only the server...
Eric Murray
ericm@...
Jul 3, 1997 12:34 am
6083
After reading the spec, I say that the answer is "yes" (after the initial handshake), but it is not so clear (to me). So, hoping that this question wasn't...
Do any of the available exportable SSL-Servers (such as Stronghold etc.) support hardware crypto modules? I know that the Swiss firm R3 offer a server which...
Matthew Langham
mlangham@...
Jul 3, 1997 7:52 am
6086
... The version of Stronghold currently available has support built-in for nCipher's nFast product (http://www.ncipher.com/) Regards, Mark Mark Cox, Technical...
Mark J Cox
mark@...
Jul 3, 1997 8:22 am
6087
Perhaps this is a naive question; sorry if so. Server authentication in SSL involves checking the hostname used to contact the server against the hostname in ...
Michael Smith
ms@...
Jul 3, 1997 6:41 pm
6088
... This is an excellent question. You're exactly right; Netscape or Microsoft presumably have some criteria they require before including a root certificate...
Tim Dierks
timd@...
Jul 3, 1997 7:01 pm
6089
Glad to find that it wasn't a stupid question after all. ... I'm really wondering how Verisign, or anybody else, could get from documentation like that, to any...
Michael Smith
ms@...
Jul 3, 1997 7:25 pm
6090
... Stronghold also supports CryptoSwift. But I don't think CryptoSwift is exportable. -- Sameer Parekh Voice: 510-986-8770 President FAX:...
sameer
sameer@...
Jul 3, 1997 7:48 pm
6091
... VeriSign will have to describe their procedures, but my general understanding is that they use the notarized statement and your access to the letters of...
Tim Dierks
timd@...
Jul 3, 1997 7:56 pm
6092
Rainbow's CryptoSwift is supported by Stronghold, as well as Microsoft IIS, Maithean NetPay and any BSAFE, S/Pay, RSAREF or EYBNLib application you write. It...
Shawn Abbott (Rainbow)
sabbott@...
Jul 3, 1997 8:03 pm
6093
... Some public information on their procedures is available in http://www.verisign.com/repository/cps/ On a possibly related tangent, there is supposed to be...
Michael Helm
helm@...
Jul 3, 1997 8:21 pm
6094
... You have missed several other problems ;-) This subject was extensively discussed in this list two months ago and you are right in pointing out that the...
E. Gerck
lasertec@...
Jul 3, 1997 8:50 pm
6095
... This may sound practical but still does not stop spoofing. I'll quote from an e-mail exchange with Nicholas Bohm <nbohm@...>: "This is closely...
E. Gerck
lasertec@...
Jul 3, 1997 9:27 pm
6096
... Basically, all this says is that someone could fool VeriSign (or any CA). True enough, but it's presumably more difficult to fool a CA into giving you a...
Tim Dierks
timd@...
Jul 3, 1997 11:00 pm
6097
unsubscribe...
Edwin Chan
ed@...
Jul 4, 1997 12:02 am
6098
Ed, would you care to quote the warranties you are arguing about, for the nominal class 3 certificate mentioned by Bohm?...
Peter Williams
petkat@...
Jul 4, 1997 3:13 am
6099
I find the "certificate of deposit" argument very bogus - as a metaphor for qualifying the "certainty" of one "certificate" (of deposit) from another...
Peter Williams
petkat@...
Jul 4, 1997 3:25 am
6100
... Presumably is the word. As I stated at the end of that msg, a CA such as Verisign actually "endorses" only the public-key. So, higher-assurance still means...