From: Lucio De Re
To: 9fans@cse.psu.edu
Subject: Re: [9fans] spam rejection after reception does have limits
Date: Sun, 28 Sep 2003 13:47:02 +0200
Message-ID: <20030928134701.P27821@cackle.proxima.alt.za>
In-Reply-To: <029701c385b0$686b32e0$b9844051@insultant.net>
References: <20030928101050.J27821@cackle.proxima.alt.za> <020001c3859e$d209f220$b9844051@insultant.net> <20030928114226.L27821@cackle.proxima.alt.za> <029701c385b0$686b32e0$b9844051@insultant.net>

On Sun, Sep 28, 2003 at 01:05:19PM +0200, boyd, rounin wrote:
> > Between you and Choate, you're getting irritating: "You don't
> > understand..." Maybe you can explain, if you're so fucking clever!
>
> you need a root CA or some other CA you trust. this depends on
> the DNS, which can be spoofed, hence possibly giving you a false
> public key.

That was the point I was trying to make. I'll issue you a certificate (a tiny one, without all the stupid frills). Not only that, I'll issue you a CA certificate, so you can in turn certify your ISP or your pretty cousin that acts as your SMTP gateway. I'll accept their certificates as being your agent. I probably won't accept them as proof of their identity, however. That's an interesting aside not to be indulged here.

> key revocation never worked.

I accept that. It doesn't look like it could conceivably be taken seriously by anyone. We've had our banks (we have only a few here, as the entrance qualifications are absurdly steep) fall foul of expiry. But why I should trust Veristupid (sic) in preference to a bank that's more or less managed my overdraft for the past 25 years, I fail to understand. Yet everyone jumped in horror when MSIE raised the alarm. More of that lack of communication between tech and non-tech. Even within one's brain, seemingly, as the only squawkers I heard were techies.

But when I revoke the certificate I issued to you, I will (hopefully) know about it. That type of revocation had better work.

> TLS/SSL is so complex that the bugs kept turning up. someone at the
> labs even had a theoretical [impractical, but possible] attack on it.

That was addressed and fixed. I assume that real cryptographers know what they are doing; the maths is too convoluted (life is too short) for me to do it myself. But I'm prepared to respect the experts with a reputation (Steve Bellovin comes to mind, but there are plenty of others). If there is a preferable approach, it hasn't made any dent in my awareness. And I accept I'm not on the coal face, nor does "good" imply "successful", nor do all clever schemes get published for the health of the Internet (think NSA); still, if SSL could migrate to TLS against entropy, maybe further migration towards greater entropy is possible.

> that's why we don't use 2DES, 'cos there is theoretical attack where
> you meet in the middle. sure, it's costly, but the solution is to go
> to 3DES. DES 'died' back in the early '90s (unless you were the NSA,
> where it probably died well before that).

DES has yet to be shown not to be intentionally back-doored. But respected encryption algorithms are ten-a-penny, to the great confusion of those who have to make decisions and cannot possibly be expected to know everything cryptographic. I thought TLS used blowfish and that rijndael had been picked as the final word in international trusted encryption schemes?

> once you had encrypted the 'crack' dictionary [~50k 'words'] with all
> the 4096 salts, busting a password file with a shell script took
> seconds. generating the dictionary back then took a month.

Cracking the Unix security to read /etc/shadow or /etc/master.passwd takes a different approach. As you suggest, the solution should be less expensive than the problem. You forget that the price you pay has little in common with the gains of your enemy. That is also an important factor.

I'm upgrading a site of some two hundred users right now, with the option to change from DES to RC5 for login passwords. The trauma involved in the migration is going to offset any possible security gain by orders of magnitude, especially as the sharing of passwords seems more the norm than the exception around here. Why bother?

++L
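The meet-in-the-middle attack on double encryption that the quoted message refers to, worked through as an added example (not code from the thread or from either poster). It uses a toy 16-bit Feistel cipher with 16-bit keys, constructed here so that the entire key space can be enumerated in seconds; the S-box, key schedule, round constants and the keys 0xBEEF/0x1337 are all illustrative assumptions, and nothing below is DES. What carries over to 2DES is the cost structure: a table of 2^k entries plus about 2 * 2^k cipher calls instead of the 2^(2k) a naive search over both keys would need, which is why doubling DES buys almost nothing and 3DES was used instead.

```python
"""Meet-in-the-middle against C = E_k2(E_k1(P)) with a toy 16-bit cipher.

Everything here (cipher, S-box, key schedule, sample keys) is constructed for
this example. The attack itself is the generic one: tabulate E_k1(p0) over all
k1, then for every k2 compute D_k2(c0) and look it up; each hit is a candidate
(k1, k2) that is confirmed against further known plaintext/ciphertext pairs.
"""
import random

KEY_BITS = 16
KEY_SPACE = 1 << KEY_BITS
ROUNDS = 6
MASK8 = 0xFF

# Fixed pseudo-random 8-bit S-box (seeded so runs are reproducible).
_rng = random.Random(0x9FA5)
SBOX = list(range(256))
_rng.shuffle(SBOX)

# Per-round constants for the (toy) key schedule.
RC_LO = [0x01, 0x23, 0x45, 0x67, 0x89, 0xAB]
RC_HI = [0xCD, 0xEF, 0x10, 0x32, 0x54, 0x76]


def round_keys(key):
    """Derive ROUNDS 8-bit round keys; every bit of the 16-bit key feeds every round."""
    lo, hi = key & MASK8, (key >> 8) & MASK8
    return [SBOX[lo ^ RC_LO[i]] ^ SBOX[hi ^ RC_HI[i]] for i in range(ROUNDS)]


def _f(x, rk):
    """Feistel round function: S-box lookup followed by a rotation for diffusion."""
    y = SBOX[(x ^ rk) & MASK8]
    return ((y << 3) | (y >> 5)) & MASK8


def encrypt(key, block):
    """Encrypt one 16-bit block (balanced Feistel, two 8-bit halves)."""
    left, right = (block >> 8) & MASK8, block & MASK8
    for rk in round_keys(key):
        left, right = right, left ^ _f(right, rk)
    return (left << 8) | right


def decrypt(key, block):
    """Inverse of encrypt: undo the rounds in reverse order."""
    left, right = (block >> 8) & MASK8, block & MASK8
    for rk in reversed(round_keys(key)):
        left, right = right ^ _f(left, rk), left
    return (left << 8) | right


def double_encrypt(k1, k2, block):
    """The '2DES'-style construction under attack: two keys, two passes."""
    return encrypt(k2, encrypt(k1, block))


def meet_in_the_middle(pairs):
    """Recover (k1, k2) from known (plaintext, ciphertext) pairs.

    Returns (candidates, cipher_calls). The first pair drives the table and the
    lookup; the remaining pairs weed out the ~2^16 chance collisions that a
    16-bit block leaves after a single pair.
    """
    p0, c0 = pairs[0]
    calls = 0
    table = {}                               # E_k1(p0) -> [k1, ...]
    for k1 in range(KEY_SPACE):
        table.setdefault(encrypt(k1, p0), []).append(k1)
    calls += KEY_SPACE

    found = []
    for k2 in range(KEY_SPACE):
        mid = decrypt(k2, c0)
        calls += 1
        for k1 in table.get(mid, ()):        # meet in the middle
            ok = True
            for p, c in pairs[1:]:
                calls += 2
                if double_encrypt(k1, k2, p) != c:
                    ok = False
                    break
            if ok:
                found.append((k1, k2))
    return found, calls


def demo():
    """Known-plaintext scenario with constructed keys and plaintexts."""
    k1, k2 = 0xBEEF, 0x1337
    plaintexts = [0x0000, 0x1234, 0xABCD, 0xF00D]
    pairs = [(p, double_encrypt(k1, k2, p)) for p in plaintexts]
    return meet_in_the_middle(pairs)


if __name__ == "__main__":
    keys, calls = demo()
    print("recovered key pairs:", [(hex(a), hex(b)) for a, b in keys])
    print(f"cipher calls: {calls}  (naive two-key search: {KEY_SPACE ** 2})")
```

The table costs memory proportional to the key space, which is the only real price of the attack; for real DES that is 2^56 entries, impractical to store but far from the 2^112 work that a 112-bit key would suggest, and that gap is the whole argument against 2DES.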