[141269] in cryptography@c2.net mail archive
Re: Security by asking the drunk whether he's drunk
daemon@ATHENA.MIT.EDU (David Molnar)
Sun Dec 28 11:07:53 2008
Date: Sat, 27 Dec 2008 12:39:44 -0800
From: David Molnar <dmolnar@eecs.berkeley.edu>
To: Ben Laurie <benl@google.com>
CC: cryptography@metzdowd.com
In-Reply-To: <1b587cab0812270702q783a8c43o4a2ef993249e21cf@mail.gmail.com>
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig2C9932B670E54EACF170BE65
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Ben Laurie wrote:
>=20
> I can't find discussion of Perspectives - hint?
Service from a group at CMU that uses semi-trusted "notary" servers to
periodically probe a web site to see which public key it uses. The
notaries provide the list of keys used to you, so you can attempt to
detect things like a site that has a different key for you than
previously shown to all of the notaries. The idea is that to fool the
system, the adversary has to compromise all links between the target
site and the notaries all the time.
Paper, code, and Firefox extension:
http://www.cs.cmu.edu/~perspectives/
--------------enig2C9932B670E54EACF170BE65
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJVpKUyyxj0uImQ6gRAuXwAJ9yqU/Z/ycuf178VR2IlGSY49qQSwCfWjox
VCFrws+Nk5juI1e+YA6AWQA=
=Wriw
-----END PGP SIGNATURE-----
--------------enig2C9932B670E54EACF170BE65--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
