Re: [openssl-users] Lattice Ciphers

On 19/12/2017 02:10, Colony.three via openssl-users wrote: On 18/12/2017 22:35, Colony.three via openssl-users wrote: PS, Jakob I'm getting on your email:  "This email has failed its domain's authentication requirements. It may be spoofed or improperly forwarded!" The reason is:

Re: [openssl-users] Lattice Ciphers

> I find that Firefox refuses to do any ephemeral ciphers whatsoever. What the > heck? Why am I surprised. Somebody paid them. > > If you follow Schnieder, elliptic curve is not an option. > > I know you guys are severely underfunded, but is there any chance that > lattice encryption will be c

Re: [openssl-users] Lattice Ciphers

On 18/12/2017 22:35, Colony.three via openssl-users wrote: >> PS, Jakob I'm getting on your email: "This email has failed its >> domain's authentication requirements. It may be spoofed or improperly >> forwarded!" >> The reason is: HEADER_FROM_DIFFERENT_DOMAINS,T_DKIM_INVALID > > Can you send me

Re: [openssl-users] Lattice Ciphers

On 18/12/2017 22:35, Colony.three via openssl-users wrote: PS, Jakob I'm getting on your email:  "This email has failed its domain's authentication requirements. It may be spoofed or improperly forwarded!" The reason is: HEADER_FROM_DIFFERENT_DOMAINS,T_DKIM_INVALID Can you send me the full h

Re: [openssl-users] Lattice Ciphers

PS, Jakob I'm getting on your email: "This email has failed its domain's authentication requirements. It may be spoofed or improperly forwarded!" The reason is: HEADER_FROM_DIFFERENT_DOMAINS,T_DKIM_INVALID-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/op

Re: [openssl-users] Lattice Ciphers

. > For your information, I actually tracked down the original report > about this (and posted some corrections in a comment to the > researcher): > > - This was not HP's keyboard driver. This was Synaptics' touch > pad driver (SynTP.sys). Never said it is HP's driver. But understand, that it

Re: [openssl-users] Lattice Ciphers

On 18/12/2017 20:50, Colony.three via openssl-users wrote: On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users openssl-users@openssl.org wrote: Hear about the HP keylogging case recently? Do you think a keylogger is actually used in tes

Re: [openssl-users] Lattice Ciphers

>> On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users >> openssl-users@openssl.org wrote: >> >>> Hear about the HP keylogging case recently? Do you think a keylogger is >>> actually used in testing of a keyboard driver, in practice? >>> >>> Yes. >>> >>> More specifically, it's used to

Re: [openssl-users] Lattice Ciphers

> On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users > openssl-users@openssl.org wrote: > >> Hear about the HP keylogging case recently? Do you think a keylogger is >> actually used in testing of a keyboard driver, in practice? >> >> Yes. >> >> More specifically, it's used to ensure th

Re: [openssl-users] Lattice Ciphers

On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users wrote: > > Hear about the HP keylogging case recently? Do you think a keylogger is > actually used in testing of a keyboard driver, in practice? Yes. More specifically, it's used to ensure that the scancodes that should be detected

Re: [openssl-users] Lattice Ciphers

> Colony.three via openssl-users wrote: > >> I've set mine to test this comprehensively. (Apache and NginX) With >> Apache Firefox -ignores- server-prescribed ciphers and chooses an EC. >> NginX does properly prevail with the algo. Was this an accident, Apache? >> >> I'd suggest to read the Apach

Re: [openssl-users] Lattice Ciphers

> Have you submitted a bug report for Apache (not honouring server config > cipher order) if one doesn't exist? That never works. > As for resistant to quantum computers, given the current aim is for systems > that can calculate things that would currently take the age of the universe > to cal

Re: [openssl-users] Lattice Ciphers

Colony.three via openssl-users wrote: > I've set mine to test this comprehensively. (Apache and NginX)  With > Apache Firefox -ignores- server-prescribed ciphers and chooses an EC.  > NginX does properly prevail with the algo.  Was this an accident, Apache? I'd suggest to read the Apache httpd doc

Re: [openssl-users] Lattice Ciphers

Have you submitted a bug report for Apache (not honouring server config cipher order) if one doesn't exist? As for resistant to quantum computers, given the current aim is for systems that can calculate things that would currently take the age of the universe to calculate, resistance is futile ;)

Re: [openssl-users] Lattice Ciphers

> - FF [claims it does > DHE/EDH](https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.mozilla.org_Security_Server-5FSide-5FTLS-23Intermediate-5Fcompatibility-5F.28default.29&d=DwMGaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=XJoX203uiiC98n6L2888TI9zC37FTWeD7taNoV50GDE&s=v0qGxpAFrqv

Re: [openssl-users] Lattice Ciphers

>> Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are >> using X25519 which was developed by Dan Bernstein. > > FF [claims it does > DHE/EDH](https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29), > but it does not actually, in prac

Re: [openssl-users] Lattice Ciphers

On Mon, Dec 18, 2017 at 1:38 AM, Colony.three via openssl-users wrote: > > G**gle's Eric Schmidt says, "If you have something that you don't want > anyone to know, maybe you shouldn't be doing it in the first place. This is > a profoundly undemocratic attitude. What would Thomas Paine, or Ben >

Re: [openssl-users] Lattice Ciphers

Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are using X25519 which was developed by Dan Bernstein. The Guardian article you referenced didn’t even have the word curve in it. My question – do you have a reference that shows Schneier says not to use elliptic curve –