Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-08 Thread Ian G
Frank Hecker wrote: Nelson B Bolyard wrote: What does "https cannot be easily shared across one IP numbers" mean? I presume Ian is referring to the case of multiple virtual hosts sharing a single IP address (due to lack of SNI support in deployed versions of Apache). Yes; one Apache http

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-08 Thread Frank Hecker
Nelson B Bolyard wrote: What does "https cannot be easily shared across one IP numbers" mean? I presume Ian is referring to the case of multiple virtual hosts sharing a single IP address (due to lack of SNI support in deployed versions of Apache). Frank -- Frank Hecker [EMAIL PROTECTED]

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-08 Thread Nelson B Bolyard
Ian G wrote, On 2008-12-04 05:38:
> The first cause of the failure to use SSL for security is that https
> cannot be easily shared across one IP numbers, a crucial, limited
> resource.
What does "https cannot be easily shared across one IP numbers" mean?

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-07 Thread Ian G
Nelson B Bolyard wrote: (Snipped. Your interpretation is not inaccurate but isn't where we are heading.) I think this list is NOT the place for the debate over the superiority of open vs. closed source software. This is the open source locker room, not the open/closed source battle field.

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-07 Thread Eddy Nigg
On 12/03/2008 07:09 PM, Nelson B Bolyard: Kaspar Brand wrote, On 2008-12-03 08:36 PST: http://sni.velox.ch/httpd-2.2.x-sni.patch is working pretty well for 2.2, though (have a look at https://sni.velox.ch). Kaspar, Thank you for building and maintaining that web site. It is the ONLY web site

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-05 Thread Nelson B Bolyard
Eddy Nigg wrote, On 2008-12-05 04:48:
> On 12/05/2008 09:17 AM, Nelson Bolyard:
>> Ian,
>>
>> Now, in contrast to that, I have been led to believe that Skype's:
>> - protocols, security designs and parameters are proprietary, secret, have
>> not been openly published, and thus not subjected to publ

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-05 Thread Eddy Nigg
On 12/05/2008 09:17 AM, Nelson Bolyard: Ian, Now, in contrast to that, I have been led to believe that Skype's: - protocols, security designs and parameters are proprietary, secret, have not been openly published, and thus not subjected to public scrutiny - components are all proprietary. Their

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-05 Thread Ian G
Nelson Bolyard wrote: Ian, Previously in this thread, you wrote: For me, the purpose of this debate is finding out what users can expect from Mozilla by way of security. Thank you for taking the time to lay out your views! The answers to that quest probably include these properties: - op

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-04 Thread Nelson Bolyard
Ian,
Previously in this thread, you wrote:
> For me, the purpose of this debate is finding out what users can expect from
> Mozilla by way of security.
The answers to that quest probably include these properties:
- open, openly specified, not secret,
- inner workings subjected to public scrutiny

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-12-03 Thread Nelson B Bolyard
Kaspar Brand wrote, On 2008-12-03 08:36 PST:
> http://sni.velox.ch/httpd-2.2.x-sni.patch is working pretty well for
> 2.2, though (have a look at https://sni.velox.ch).
Kaspar,
Thank you for building and maintaining that web site. It is the ONLY web site known to me that implements SNI. I use it

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-28 Thread Nelson B Bolyard
Michael Ströder wrote, On 2008-11-27 06:02: > Anders Rundgren wrote: >> >> So what is then real problem? >> >> 1. The European Smart Card industry who do not want to become suppliers >> >> of commodities. >> >> >??? >> >Each time I talked to smartcard vendors they were keen on selling their >>

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-25 Thread Eddy Nigg
On 11/26/2008 01:30 AM, Eddy Nigg: Well, as a matter of fact, Jabber/XMPP inclusion into Thunderbird has been a widely requested feature (see https://bugzilla.mozilla.org/show_bug.cgi?id=385758 ) and is part of the broader road map of Mozilla Messaging. Unfortunately it will not make it into TB

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-25 Thread Eddy Nigg
On 11/26/2008 01:11 AM, Frank Hecker: I agree with Ian here: The focus of Mozilla Messaging and of Thunderbird should be on end users in general, not Mozilla community members specifically. And the interest of typical end users would be on connecting with their friends, who are not in general on

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-25 Thread Frank Hecker
Nelson B Bolyard wrote: Are you aware of chatzilla? It's been around for a long time. Protocols and architecture are defined in RFCs 2810-2813. Chatzilla interoperates with many other chat clients that follow those RFCs. For the record, there's also InstantBird which

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-24 Thread Ian G
Nelson B Bolyard wrote: Ian G wrote, On 2008-11-22 07:39: So an obvious thing is to add chat to Tbird. How to do this? Are you aware of chatzilla? It's been around for a long time. Protocols and architecture are defined in RFCs 2810-2813. Chatzilla interoperates with many other chat client

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-22 Thread Nelson B Bolyard
Ian G wrote, On 2008-11-22 07:39:
> So an obvious thing is to add chat to Tbird. How to do this?
Are you aware of chatzilla? It's been around for a long time. Protocols and architecture are defined in RFCs 2810-2813. Chatzilla interoperates with many other chat clients that follow those RFCs.

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-22 Thread Eddy Nigg
On 11/22/2008 05:39 PM, Ian G: I see this as an interesting question. There are pros and cons. First con; why would we want to do that? Just use Skype. Or, Nelson talked about AIM having some form of crypto. Also Jabber has something. Jabber doesn't just have "something", but the XMPP Foundati

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-22 Thread Ian G
Anders Rundgren wrote: The following is related to the S/MIME discussions. ... If we (security experts) want to create anything that could match closed networks such as Skype, having 100M+ users enjoying full end-2-end-security, I think we need to be a bit pragmatic and not hoping that user

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-22 Thread Eddy Nigg
On 11/22/2008 12:12 PM, Anders Rundgren: Enrolment issues? Skype does this without the user having to know what a certificate is. LOL! And nobody knows what those keys are, nor if it's authentic and who else can listen and decrypt. Who controls what exactly? Does the user have control over his

Re: Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-22 Thread Nelson B Bolyard
Anders Rundgren wrote, On 2008-11-22 02:12:
> The following is related to the S/MIME discussions.
Anders, here are your choices: You may either have
a) encryption using authenticated keys or
b) encryption using unauthenticated keys.
Certificates are used for authenticated encryption. If you don'

Creating a Global User-level CA/Trust Infrastructure for Secure Messaging

2008-11-22 Thread Anders Rundgren
The following is related to the S/MIME discussions. One of the many [unsolvable] problems with S/MIME is the establishment of a globally working user-level PKI infrastructure. Although not perfect, I think it is fair to say that a globally working domain-name-level PKI infrastructure actually a