Balazs Scheidler writes:
> > > I'm happy with SSL or TLS. (and btw, someone mentioned using ssh, what I had
> > > in mind was similar to the SSH2 transport layer)
> >
> > Ah, then why not just use the ssh2 transport layer? Designing a good crypto
> > protocol is a really hard job.
> >
>
> It's
On Wed, Jun 14, 2000 at 12:12:49PM +0200, Jan Meijer wrote:
> Hi Balazs,
>
> I'm not sure whether you wanted this to go to the list or not.
>
I wanted to send it to the list, I just can't get used to use 'g' to reply.
> > > > Agreed. But low functionality crypto is not necessarily bad crypto.
Magosanyi Arpad wrote:
> A levelezõm azt hiszi, hogy Darren Reed a következõeket írta:
> []
> >
> > Bad crypto is worse than no crypto at all.
>
> Agreed. But low functionality crypto is not necessarily bad crypto.
> I guess we can stop here, because everyone seems to agree that having
> somethin
Jan Meijer, replying Darren Reed, wrote:
>
>> It is questionable whether we should "roll our own" crypto...
[...snip...]
>> lets stop reinenting the wheel.
>
> I [...snip...]would like to second this opinion.
[...snip to EOF...]
I would like also to second Darren's statement. IMHO, IPSEC
ESP
On Thu, Jun 08, 2000 at 01:55:17PM -0500, Chris Lonvick wrote:
> Hi Balazs,
>
> Thanks for your input, however you're getting a bit ahead of the plan. :-)
>
> The first thing to do is to document the existing syslog protocol and any
> security vulnerabilities that may be in it. This was fairly
In some email I received from Magosanyi Arpad, sie wrote:
[Charset iso-8859-2 unsupported, filtering to ASCII...]
> A levelez_m azt hiszi, hogy Darren Reed a k_vetkez_eket _rta:
> []
> >
> > Bad crypto is worse than no crypto at all.
>
> Agreed. But low functionality crypto is not necessarily ba
> Agreed. But low functionality crypto is not necessarily bad crypto.
> I guess we can stop here, because everyone seems to agree that having
> something already done is good, and no one seems to care about embedded
> systems (I also don't care about them).
Perhaps noone has researched standardiz
A levelezőm azt hiszi, hogy Darren Reed a következőeket írta:
[]
>
> Bad crypto is worse than no crypto at all.
Agreed. But low functionality crypto is not necessarily bad crypto.
I guess we can stop here, because everyone seems to agree that having
something already done is good, and no one see
In some email I received from Magosanyi Arpad, sie wrote:
[Charset iso-8859-2 unsupported, filtering to ASCII...]
> A levelez_m azt hiszi, hogy Darren Reed a k_vetkez_eket _rta:
> > In some email I received from Balazs Scheidler, sie wrote:
> > > * we should support a set of encryption, mac and ke
A levelezőm azt hiszi, hogy Darren Reed a következőeket írta:
> In some email I received from Balazs Scheidler, sie wrote:
> > * we should support a set of encryption, mac and key exchange algorithms to
> > be negotiated at startup
>
> It is questionable whether we should "roll our own" crypto.
Chris -
I'm getting duplicates of everything on the list -- could you check
if I'm subscribed twice? Thanks.
Alex
Chris Lonvick wrote:
...
--
Alex Brown <[EMAIL PROTECTED]> http://www.msg.com/~abrown +1 617 504 8761
>> It is questionable whether we should "roll our own" crypto...mandate the
use
>> of SSL or IPsec. Not using existing crypto means you have to get the
crypto
>> right and then you've got X.509 issues, etc. Time is better spent
elsewhere
>> - other people have already "solved this", lets stop re
Hi Chris,
> That was hammered home at the DC BoF. We will be using existing
> and approved mechanisms where ever they make sense. The term used
> then was "common, off the shelf".
Cool, that about takes away my worries :). Thanks.
Jan
At 09:54 AM 6/9/00 +0200, Jan Meijer wrote:
>> It is questionable whether we should "roll our own" crypto...mandate the use
>> of SSL or IPsec. Not using existing crypto means you have to get the crypto
>> right and then you've got X.509 issues, etc. Time is better spent elsewhere
>> - other peo
On Thu, 8 Jun 2000, Chris Lonvick wrote:
> You may take a look at that here:
> http://www.employees.org/~lonvick/draft.txt
Minor, minor, minor point but at the start of the draft you say.
"As an example, a whistle
from a locomotive alerted people that the train was nearby. The
assum
> It is questionable whether we should "roll our own" crypto...mandate the use
> of SSL or IPsec. Not using existing crypto means you have to get the crypto
> right and then you've got X.509 issues, etc. Time is better spent elsewhere
> - other people have already "solved this", lets stop reinen
In some email I received from Balazs Scheidler, sie wrote:
> * we should support a set of encryption, mac and key exchange algorithms to
> be negotiated at startup
It is questionable whether we should "roll our own" crypto...mandate the use
of SSL or IPsec. Not using existing crypto means you
not derive
approval from silence on that first draft so please send your comments
in to the list.
Many thanks,
Chris
At 08:10 PM 6/8/00 +0200, Balazs Scheidler wrote:
>Hi,
>
>I've got some random thoughts about the secured syslog protocol, and to
>start the discussion I include it below:
---remainder deleted for brevity---
Hi,
I've got some random thoughts about the secured syslog protocol, and to
start the discussion I include it below:
* since our traffic will eventually be encrypted/hmac protected we need a
binary protocol
* we should support a set of encryption, mac and key exchange algorithms to
19 matches
Mail list logo
