Re: [therightkey] Barely-capable CAs
Ben Laurie <benl@google.com> Thu, 01 November 2012 19:52 UTC
Return-Path: <benl@google.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2ED8921F9580 for <therightkey@ietfa.amsl.com>; Thu, 1 Nov 2012 12:52:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.736
X-Spam-Level:
X-Spam-Status: No, score=-102.736 tagged_above=-999 required=5 tests=[AWL=0.241, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LuG7laJzLk-G for <therightkey@ietfa.amsl.com>; Thu, 1 Nov 2012 12:52:28 -0700 (PDT)
Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com [209.85.212.172]) by ietfa.amsl.com (Postfix) with ESMTP id 261F721F94B6 for <therightkey@ietf.org>; Thu, 1 Nov 2012 12:52:27 -0700 (PDT)
Received: by mail-wi0-f172.google.com with SMTP id hq12so578071wib.13 for <therightkey@ietf.org>; Thu, 01 Nov 2012 12:52:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-system-of-record; bh=BX0ZCCSLKt3JffhLwfnXUWAk8JPzlqrA517Mvtz/Sqg=; b=Nk3Efqhvy4YCgPCBz36Td9fM/YtPiBWPlZTA5BeWfWZRFNYWEiYTB+AJYAacttdnDX KW2jej/0FwhIn+K1VWghNMZujAytR9tTi1HPWYgStkzSqeSFmL7113HJFPD1d3YhEBBh Is3wjLCT+j0x20PhdGqG6lLraVXHLu+V6rMpqGK6VtBS2mey2PVvddqe7jyzIoyUPg6r J+tMl9yOWwQEu/Qxqb44h5xELLBgy+SRmRY8Q956L6I7ssTSDS3bJLW40C+KqCE1RS9B 6152gUEUeHr6BwcwEjStz0dRG9RU4lwNwf2Cp4EhATOVMXENe4aF9hK5AKLbiqalQaWn ak0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-system-of-record:x-gm-message-state; bh=BX0ZCCSLKt3JffhLwfnXUWAk8JPzlqrA517Mvtz/Sqg=; b=j7GJ+7uhmTlSZhM//iX4FUiWR3SQ8Hr597Rue40NnF3GI8tXaTf310blGQeyXNezGR of8R88Xp6dPZhsVWyTFmwXPY3XwxpdWORLw3eVEdyOZXnAMs010wmu59a+wwcwbl7Kfi wCfwSWIbvQ1cQd4edT4iatVdke6fUYb3e5cAeq6y01fCbAV4f3pcWwUhQnyLsY/r/3HH sIN3QXxmgu7TWUAlxONLdPBIuCFvnIpYs9qBN+vxWBS2z8bzKLpMUpZRtv2RCtYCBOFz SKRmnWy6sYX6ezGwSySUbyp5gOe1QNEcZLR/iQi5EWbbsR5uHtTG2sIh6mQVQXT8JjP8 L9vQ==
MIME-Version: 1.0
Received: by 10.181.11.167 with SMTP id ej7mr3408657wid.11.1351799547002; Thu, 01 Nov 2012 12:52:27 -0700 (PDT)
Received: by 10.194.76.170 with HTTP; Thu, 1 Nov 2012 12:52:26 -0700 (PDT)
In-Reply-To: <CAMm+LwhxLYhEJ213AmvTo6cCfPRq_0X1hxJx1vN13nfxkBWLiw@mail.gmail.com>
References: <7500672F-5BDE-4EBE-ABC3-1AFEF2972D95@vpnc.org> <544B0DD62A64C1448B2DA253C0114146069D3FBAE8@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <CAOuvq22PMSq2sAmUBfJcWu6LhEdCA3jKteu38m4UuHbykp7xZw@mail.gmail.com> <544B0DD62A64C1448B2DA253C0114146069D5FC685@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <6DD8CB4F-1233-403D-A27E-F3F80310390F@vpnc.org> <544B0DD62A64C1448B2DA253C0114146069D5FC79B@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <508A48C5.9070005@comodo.com> <544B0DD62A64C1448B2DA253C0114146069D76E5FC@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <CABrd9STHtw__Wm30Z5T27mx8PMb-mScCSa-EZVDdeQvy_Rru1Q@mail.gmail.com> <544B0DD62A64C1448B2DA253C0114146069F66F830@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <CABrd9SSJWm_8BY9uN4D6=LmogwkNeLMZtJaOX2MQU1QuCHJwyg@mail.gmail.com> <80A8F0DC-C894-4299-AEC7-12B84A803E84@vpnc.org> <CAMm+Lwh2Qhv8eHtmy=KisShdJiLYe=ziyfezQELqqfu8y9H5qg@mail.gmail.com> <alpine.BSF.2.00.1211010935330.60568@hiroshima.bogus.com> <CAMm+LwjQiJ3aWpAYdy1hxtf09Sf=4g9AO=r-PihSPVkc8PMLkg@mail.gmail.com> <5092B8C4.3070607@cs.tcd.ie> <CABrd9SRKuo-VW6AHapz0NogKSGmcXXtRomTh1bvZudaB5q-GTQ@mail.gmail.com> <CAMm+LwhxLYhEJ213AmvTo6cCfPRq_0X1hxJx1vN13nfxkBWLiw@mail.gmail.com>
Date: Thu, 01 Nov 2012 19:52:26 +0000
Message-ID: <CABrd9ST3=4b73jDZb=Cxq6L_+2z7ExCKcY-ywBiD5hW98uAWBw@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-System-Of-Record: true
X-Gm-Message-State: ALoCoQnPqRYHZzc7Lh0KGCNR3hluuO9ea4Ma3G7txoUtHPx6OnEuq+FdtLKNWICudpWmiRbE/bjezBpnd09SSe2TTmaDNibQ4LV7so0Zf99plDQ27M635FL7rc+NmAhsQv6CJ3RGNKL95d14/lOzEh3eFsrNigXyBuAye2gUxd+Tx51RwuOQc3m63ClQyKFrslbHCcH6deX2
Cc: Lucy Lynch <llynch@civil-tongue.net>, Paul Hoffman <paul.hoffman@vpnc.org>, "therightkey@ietf.org" <therightkey@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [therightkey] Barely-capable CAs
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Nov 2012 19:52:29 -0000
On 1 November 2012 18:38, Phillip Hallam-Baker <hallam@gmail.com> wrote: > Again, does it appear so subtle after it has been discovered? Well, I find I have to remind myself how it works. So ... yeah. Also, I assumed Bliechanbacher was the exponent 3 thing, which was also pretty subtle. > > Would the flaw have been discovered sooner if there was not so much dead > code? I don't think dead code had any influence on either of these. > > > On Thu, Nov 1, 2012 at 2:35 PM, Ben Laurie <benl@google.com> wrote: >> >> On 1 November 2012 18:00, Stephen Farrell <stephen.farrell@cs.tcd.ie> >> wrote: >> > >> > >> > On 11/01/2012 05:22 PM, Phillip Hallam-Baker wrote: >> >> Having worked in Web security over 20 years now, I have still to see a >> >> case >> >> where a system was breached because of a really subtle design flaw. >> > >> > Bleichenbacher? >> >> TLS renegotiation? >> >> > >> > S. >> > _______________________________________________ >> > therightkey mailing list >> > therightkey@ietf.org >> > https://www.ietf.org/mailman/listinfo/therightkey > > > > > -- > Website: http://hallambaker.com/ >
- [therightkey] Certrans BoF planning Paul Hoffman
- [therightkey] Call for agenda items for certrans … Paul Hoffman
- Re: [therightkey] Call for agenda items for certr… Phillip Hallam-Baker
- Re: [therightkey] Call for agenda items for certr… Paul Hoffman
- Re: [therightkey] Call for agenda items for certr… Paul Hoffman
- Re: [therightkey] Call for agenda items for certr… Phillip Hallam-Baker
- [therightkey] Impact on issue processes Paul Hoffman
- Re: [therightkey] Impact on issue processes Ben Laurie
- Re: [therightkey] Impact on issue processes Phillip Hallam-Baker
- Re: [therightkey] Impact on issue processes Rob Stradling
- Re: [therightkey] Impact on issue processes Ben Laurie
- Re: [therightkey] Impact on issue processes Ben Laurie
- Re: [therightkey] Impact on issue processes Phillip Hallam-Baker
- Re: [therightkey] Impact on issue processes Erwann Abalea
- Re: [therightkey] Impact on issue processes Rick Andrews
- Re: [therightkey] Impact on issue processes Chris Palmer
- Re: [therightkey] Impact on issue processes Ben Laurie
- Re: [therightkey] Impact on issue processes Paul Hoffman
- Re: [therightkey] Impact on issue processes Phillip Hallam-Baker
- Re: [therightkey] Impact on issue processes Paul Hoffman
- Re: [therightkey] Impact on issue processes Rob Stradling
- Re: [therightkey] Impact on issue processes Paul Hoffman
- Re: [therightkey] Impact on issue processes Rick Andrews
- [therightkey] Other solutions to the problem Paul Hoffman
- Re: [therightkey] Impact on issue processes Chris Palmer
- Re: [therightkey] Other solutions to the problem Rick Andrews
- Re: [therightkey] Other solutions to the problem Chris Palmer
- Re: [therightkey] Other solutions to the problem Yoav Nir
- Re: [therightkey] Other solutions to the problem Rob Stradling
- Re: [therightkey] Other solutions to the problem Ben Laurie
- Re: [therightkey] Impact on issue processes Ben Laurie
- Re: [therightkey] Call for agenda items for certr… Ben Laurie
- Re: [therightkey] Other solutions to the problem Rick Andrews
- Re: [therightkey] Other solutions to the problem Leif Johansson
- Re: [therightkey] Other solutions to the problem Ben Laurie
- Re: [therightkey] Other solutions to the problem Ben Laurie
- Re: [therightkey] Other solutions to the problem Rick Andrews
- Re: [therightkey] Other solutions to the problem Stephen Farrell
- Re: [therightkey] Other solutions to the problem Ben Laurie
- Re: [therightkey] Other solutions to the problem Phillip Hallam-Baker
- Re: [therightkey] Other solutions to the problem Ben Laurie
- [therightkey] Barely-capable CAs Paul Hoffman
- Re: [therightkey] Barely-capable CAs Phillip Hallam-Baker
- Re: [therightkey] Barely-capable CAs Lucy Lynch
- Re: [therightkey] Barely-capable CAs Paul Hoffman
- Re: [therightkey] Barely-capable CAs Rick Andrews
- Re: [therightkey] Barely-capable CAs Phillip Hallam-Baker
- Re: [therightkey] Barely-capable CAs Stephen Farrell
- Re: [therightkey] Barely-capable CAs Paul Hoffman
- Re: [therightkey] Barely-capable CAs Phillip Hallam-Baker
- Re: [therightkey] Barely-capable CAs Ben Laurie
- Re: [therightkey] Barely-capable CAs Phillip Hallam-Baker
- Re: [therightkey] Barely-capable CAs Rob Stradling
- Re: [therightkey] Barely-capable CAs Nico Williams
- Re: [therightkey] Barely-capable CAs Ben Laurie
- Re: [therightkey] Barely-capable CAs Paul Hoffman
- Re: [therightkey] Barely-capable CAs Rob Stradling
- Re: [therightkey] Barely-capable CAs Phillip Hallam-Baker
- Re: [therightkey] Barely-capable CAs Rob Stradling
- Re: [therightkey] Barely-capable CAs Rob Stradling
- Re: [therightkey] Barely-capable CAs Paul Hoffman
- Re: [therightkey] Barely-capable CAs Rob Stradling
- Re: [therightkey] Barely-capable CAs Rob Stradling
- Re: [therightkey] Barely-capable CAs Martin Rex
- Re: [therightkey] Barely-capable CAs Jon Callas
- Re: [therightkey] Barely-capable CAs Jon Callas
- Re: [therightkey] Barely-capable CAs Phillip Hallam-Baker