From: "boyd, rounin" <boyd@insultant.net>
To: <9fans@cse.psu.edu>
Subject: Re: [9fans] spam rejection after reception does have limits
Date: Sun, 28 Sep 2003 13:05:19 +0200 [thread overview]
Message-ID: <029701c385b0$686b32e0$b9844051@insultant.net> (raw)
In-Reply-To: <20030928114226.L27821@cackle.proxima.alt.za>
> Between you and Choate, you're getting irritating: "You don't
> understand..." Maybe you can explain, if you're so fucking clever!
you need a root CA or some other CA you trust. this depends on
the DNS, which can be spoofed, hence possiblty giving you a false
public key.
key revocation never worked.
TLS/SSL is so complex that the bugs kept turning up. someone at the
labs even had a theoretical [impractical, but possible] an attack on it.
that's why we don't use 2DES, 'cos there is theoretical attack where
you meet in the the middle. sure, it's costly, but the solution is to go
to 3DES. DES 'died' back in the early '90s (unless you were the NSA,
where it probably died well before that).
once you had encrypted the 'crack' dictionary [~50k 'words'] with all
the 4096 salts busting a password file with a shell script and took
seconds. generating the dictionary back then took a month.
i did this once, as an experiment and to test internal security.
on that point i'm NDA'd on any further discussion.
# 248 622
next prev parent reply other threads:[~2003-09-28 11:05 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-27 22:46 ron minnich
2003-09-28 1:11 ` boyd, rounin
2003-09-28 9:08 ` Charles Forsyth
2003-09-28 9:16 ` boyd, rounin
2003-09-28 8:10 ` Lucio De Re
2003-09-28 8:59 ` boyd, rounin
2003-09-28 9:42 ` Lucio De Re
2003-09-28 10:18 ` boyd, rounin
2003-09-28 10:50 ` boyd, rounin
2003-09-28 11:18 ` Lucio De Re
2003-09-28 11:44 ` boyd, rounin
2003-09-28 11:05 ` boyd, rounin [this message]
2003-09-28 11:47 ` Lucio De Re
2003-09-28 11:58 ` boyd, rounin
2003-09-28 12:17 ` Lucio De Re
2003-09-29 9:14 ` Douglas A. Gwyn
2003-09-29 9:37 ` boyd
2003-09-28 15:33 ` ron minnich
2003-09-28 15:39 ` boyd, rounin
2003-09-28 17:12 ` ron minnich
2003-09-28 17:22 ` boyd
2003-09-28 10:16 ` Charles Forsyth
2003-09-28 10:23 ` boyd, rounin
2003-09-29 3:23 ` salomo3
2003-09-29 3:32 ` boyd
2003-09-29 5:18 ` Lucio De Re
2003-09-29 9:18 ` boyd
2003-09-29 13:53 ` Joel Salomon
2003-09-29 9:14 ` Douglas A. Gwyn
2003-09-29 9:13 ` Douglas A. Gwyn
2003-09-29 9:44 ` SPAM: " Charles Forsyth
2003-09-29 15:21 ` Douglas A. Gwyn
2003-09-29 16:02 ` Joel Salomon
2003-09-29 21:24 ` boyd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='029701c385b0$686b32e0$b9844051@insultant.net' \
--to=boyd@insultant.net \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).