Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Jean-Marc Desperrier
Paul Hoffman wrote: > [...]. Note, however, that > they seem to be about the only group who is publishing any results from > their efforts. That could either mean they are the only group working on > it, or that other groups working on it are not getting publishable results. During about 5 year

Re: Bug question

2008-06-11 Thread Kyle Hamilton
If it's a persistent error in the profile, a bug needs to be filed anyway. I have not yet seen this behavior. -Kyle H 2008/6/11 Eddy Nigg (StartCom Ltd.) <[EMAIL PROTECTED]>: > Just want to ask before opening a new bug: Upon visiting a newly generated > server certificate, the OCSP server wasn't

Bug question

2008-06-11 Thread Eddy Nigg (StartCom Ltd.)
Just want to ask before opening a new bug: Upon visiting a newly generated server certificate, the OCSP server wasn't ready and/or the certificate chain wasn't complete. Ever since, I can't access this site and receive sec_error_untrusted_cert. Even when using a different sub domain (it's a wil

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Kyle Hamilton
We've actually had a discussion on this topic very recently. My understanding of what we've learned from that discussion (feel free to chime in if I'm not understanding properly): 1) The NIST (a US organization) states that after December 31, 2010, nobody should be using 1024-bit RSA keys to prot

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Michael Ströder
Paul Hoffman wrote: > Note, however, that > they seem to be about the only group who is publishing any results from > their efforts. That could either mean they are the only group working on > it, or that other groups working on it are not getting publishable results. Or 3. that other groups wo

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Paul Hoffman
At 3:01 PM +0200 6/11/08, Jean-Marc Desperrier wrote: >I might have reacted a bit too strongly on this news. +1 At 2:56 PM +0200 6/11/08, Jean-Marc Desperrier wrote: >Also I'd need to search for more reference, but I've been reading that >the factorisation of the 2^1039-1 Mersenne number >http://

JSS import / remove .p12 user certificate

2008-06-11 Thread joshuaaa
Hi guys, I'm looking for some guidance on how to import and remove .p12 user certificates in the firefox user cert store. I would imagine everything I need to accomplish this would be in the JSS PKCS12 library. Can anyone give me some details on how to go about doing this? I just want to keep thin

Re: Debian Weak Key Problem

2008-06-11 Thread Jean-Marc Desperrier
Gervase Markham wrote: > [...] >> If we see >> cooperation from CA's in quickly revoking those certs which are >> vulnerable, that would be enough to convince mozilla the right way to >> solve the problem is to depend on option 1 and fix revocation in the >> existing browsers. >> >> This is an oppo

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Eddy Nigg (StartCom Ltd.)
Jean-Marc Desperrier: Well I don't know why neither you nor Paul found it, maybe because you searched for exactly 650 bits, it should take only seconds to find references to the factorisation of RSA-640 and of RSA-200 (a 200-digit number that is in fact 663 bits long). http://www.rsa.com/rsalab

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Jean-Marc Desperrier
Jean-Marc Desperrier wrote: >[...] > If Kaspersky has made the analysis, and breaking a 1024 bit key is > reasonably within reach of a distributed effort, that means nobody > should be using a 1024 key today for really important security. I might have reacted a bit too strongly on this news. I doe

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Jean-Marc Desperrier
Eddy Nigg (StartCom Ltd.) wrote: > Jean-Marc Desperrier: >> Eddy Nigg (StartCom Ltd.) wrote: >> >>> [...] >>> However more interesting is this reference: >>> >> No, that is not more interesting. It's been known for a year or two that >> keys around 600 bits were broken, and it was therefore alrea

Re: Debian Weak Key Problem

2008-06-11 Thread Gervase Markham
Robert Relyea wrote: > 1) work with CA's, in their existing infrastructures to get those certs > revoked. > 2) include that list of keys in the browser itself to detect this > compromise. > 3) build a parallel revocation scheme to phone home to mozilla (a.la. > anti-phishing) to identify sites with

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Gervase Markham
Jean-Marc Desperrier wrote: > Kaspersky Lab announces the launch of Stop Gpcode, an international > initiative against the blackmailer virus > http://www.kaspersky.com/news?id=207575651 That seems pointless to me. If they crack it after a few months, the virus author will just generate a new key

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Eddy Nigg (StartCom Ltd.)
Jean-Marc Desperrier: Eddy Nigg (StartCom Ltd.) wrote: [...] However more interesting is this reference: No, that is not more interesting. It's been known for a year or two that keys around 600 bits were broken, and it was therefore already quite obvious that 768 wasn't safe today.

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Jean-Marc Desperrier
samrat saha wrote: > what kind of techniques they are using to crack it.. > it can't be brute force at least. what's the mechanism they are using any > idea. In one word: general number field sieve. I think you should read the Wikipedia entry about prime numbers factorization: http://en.wikipedia

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Jean-Marc Desperrier
Eddy Nigg (StartCom Ltd.) wrote: > [...] > However more interesting is this reference: No, that is not more interesting. It's been known for a year or two that keys around 600 bits were broken, and it was therefore already quite obvious that 768 wasn't safe today. But *only* 15000 computers and

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread samrat saha
what kind of techniques they are using to crack it.. it can't be brute force at least. what's the mechanism they are using any idea. Samrat saha Proxim wireless pvt ltd 2008/6/11 Eddy Nigg (StartCom Ltd.) <[EMAIL PROTECTED]>: > Jean-Marc Desperrier: > > Kaspersky Lab announces the launch of Sto

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Eddy Nigg (StartCom Ltd.)
Jean-Marc Desperrier: Kaspersky Lab announces the launch of Stop Gpcode, an international initiative against the blackmailer virus http://www.kaspersky.com/news?id=207575651 If Kaspersky has made the analysis, and breaking a 1024 bit key is reasonably within reach of a distributed effort, that m

Re: Debian Weak Key Problem

2008-06-11 Thread Jean-Marc Desperrier
Michael Ströder wrote: > Eddy Nigg (StartCom Ltd.) wrote: >> I could produce millions of keys in my free time and post them to some >> web site...I could tell you now that those are all compromised keys >> and all CAs should now scan their subscribers keys against the ones I >> posted. Should it fi

Re: The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread samrat saha
Kaspersky is still not able to break a 1024 bit key, the highest bit size they claimed to break is 660. samrat On Wed, Jun 11, 2008 at 2:01 PM, Jean-Marc Desperrier <[EMAIL PROTECTED]> wrote: > Kaspersky Lab announces the launch of Stop Gpcode, an international > initiative against the blackmail

The time to stop considering 1024 bit as secure is now !

2008-06-11 Thread Jean-Marc Desperrier
Kaspersky Lab announces the launch of Stop Gpcode, an international initiative against the blackmailer virus http://www.kaspersky.com/news?id=207575651 If Kaspersky has made the analysis, and breaking a 1024 bit key is reasonably within reach of a distributed effort, that means nobody should be