Doug Barton wrote:
> It almost sounds from what you're saying above that there actually is an
> argument for RSA's hash firewall being "better" than DSA[2] here, but if I
> correctly understood what you said later in the thread, the margin by
> which it's "better" is so small as to not be worth
On Sat, 25 Aug 2007, Doug Barton wrote:
> The other question I had is about what you said above regarding truncating
> hashes with DSA2. Am I understanding correctly that even with DSA2 the hash
> size can be no larger than 160 bits?
*sigh* Never mind this bit, I just re-re-read a later part of
On Fri, 24 Aug 2007, David Shaw wrote:
> On Fri, Aug 24, 2007 at 09:06:24PM +0300, Oskar L. wrote:
>
>> Do hash firewalls have any drawbacks (performance decrease, difficult to
>> implement, patent issues etc.)? What's the reason DSA doesn't have one?
>
> I suspect a major reason is the main use o
I will be out of the office starting 08/24/2007 and will not return until
08/30/2007.
I will return your message when I get back.
Thanks
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Dan T. wrote:
> This is no real mystery:
Wrong domain.
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
--- "Robert J. Hansen" <[EMAIL PROTECTED]> wrote:
> > > This is not my experience. I've received spam
addressed to my amateur
> > > radio call sign (KC0SJE) at a domain that's not
directly associated with
> > > me. I don't know how it was discovered, but
for right now I'm leaning
> > > towar
Oskar L. wrote:
> The point of certificates is for you to be able to verify that you
> are on the site you think you are, and not a fake one.
Yes--which involves trust. Do you trust the certificate authority? Do
you trust that the site in question isn't trying to scam you? Etc., etc.
Trust li
Oskar L. wrote:
>> Ultimately, you trust _someone_. Which is precisely the point I made:
>> trust underlies everything. Without that fundamental trust, there's no
>> point talking about authenticity.
>
> If that someone is yourself, do you still call it trust?
Well, I can't speak to what you ca
Oskar L. wrote:
> Robert J. Hansen wrote:
>> why trust is a necessary precondition for authentication. Without it,
>> everything falls apart.
>
> You can trust Trevor, but this trust is useless if you have no way of
> authenticating that Trevor really is Trevor.
>
> Trust is not needed for authe
> Ultimately, you trust _someone_. Which is precisely the point I made:
> trust underlies everything. Without that fundamental trust, there's no
> point talking about authenticity.
If that someone is yourself, do you still call it trust?
Some things about myself I only trust, such as my memory
Allen Schultz wrote:
> Is there a comprehensive list of hashes used in encryption that can
> help me choose which is the best to use?
I'm sure there is, but such a list would not do you much good. The
application you use probably only supports a few. Some are old and
insecure, and should not be us
> If I had good reason to believe Google was up to something nefarious,
> there is nothing in heaven or earth that would cause me to say "yes,
> that site is authentic."
The point of certificates is for you to be able to verify that you are on
the site you think you are, and not a fake one. If you
Sven Radde wrote:
> 1) If it means "the site contents are created by a particular firm",
> it is not necessary to trust that firm in any way to deem the site
> "authentic".
How do you know it's created by a particular firm? Who told you? How
did you find out? What's the provenance of your inf
Allen Schultz wrote:
> Is there a comprehensive list of hashes used in encryption that can
> help me choose which is the best to use?
If all you want is to provide a very high level of authentication for
your messages, just stick with the defaults and you'll do just fine.
Seriously. GnuPG is spe
Is there a comprehensive list of hashes used in encryption that can
help me choose which is the best to use?
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
15 matches
Mail list logo
