1995-09-19 - netscape’s response

Header Data

From: sameer <sameer@c2.org>
To: cypherpunks@toad.com
Message Hash: 78706343b8942b241482e71ce7a3ee1e8e7485771a51c03ba188cef894992ce7
Message ID: <199509192304.QAA05546@infinity.c2.org>
Reply To: N/A
UTC Datetime: 1995-09-19 23:09:49 UTC
Raw Date: Tue, 19 Sep 95 16:09:49 PDT

Raw message

From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 16:09:49 PDT
To: cypherpunks@toad.com
Subject: netscape's response
Message-ID: <199509192304.QAA05546@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


" With this knowledge, an experienced computer programmer could
decrypt messages sent by Netscape Navigator to other computers in a
few hours of computation time."

	Excuse me? A few hours? Try 25 seconds??

"Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before
it is sent to customers."

	A group which offered to review the first version, but
Netscape refused.

	From their release it looks like they aren't finding a better
source of entropy, but just using *more* sources of entropy. Doesn't
mean that the entropy is good.
	A T-shirt to the first person to decompile the new Seed code
and post the sources of "entropy" used.

	(See http://www.c2.org/hacknetscape for general [not written
in stone] guidelines regarding t-shirt awards)

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




Thread