[21184] in cryptography@c2.net mail archive
Re: Zfone and ZRTP :: encryption for voip protocols
daemon@ATHENA.MIT.EDU (Victor Duchovni)
Thu Mar 16 11:47:18 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 16 Mar 2006 10:41:29 -0500
From: Victor Duchovni <Victor.Duchovni@MorganStanley.com>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <44189A9F.3030102@nma.com>
On Wed, Mar 15, 2006 at 02:52:15PM -0800, Ed Gerck wrote:
> cybergio wrote:
> >
> >Zfone :: http://www.philzimmermann.com/EN/zfone/index.html
>
> "...it achieves security without reliance on a PKI, key certification,
> trust models, certificate authorities, or key management..."
>
> Good. But, uf course, there's a trust model and you need to rely on it.
>
> "...allows the detection of man-in-the-middle (MiTM) attacks by
> displaying a short authentication string for the users to read and
> compare over the phone."
>
> Depends on the trust model. May not work.
Indeed, but it looks to be the right security model for the mass market.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
