Bennet's right about PFS - however Perfect Forward Secrecy is a real pain in distributed systems to implement, but it is doable. Todd ----- Original Message ----- From: "Bennet S. Yee" <bsyat_private> To: <loganalysisat_private> Cc: "todd glassey" <todd.glasseyat_private> Sent: Wednesday, December 05, 2001 1:33 PM Subject: Re: [logs] Due Diligence for Admission in Court > signing key can be exposed or (mis)used by an insider long after the > log is initially created, so there is a chance that the log has been > tampered with. forward secure cryptography may be used, so that any > tampering must have been planned (and initiated) prior to the creation > of the long entry. done properly, even an insider (or an attacker who > takes complete control of the system) cannot tamper with the logs > undetected. > > -bsy > -------- > Bennet S. Yee Phone: +1 858 534 4614 Email: bsyat_private > (i often don't capitalize due to tendonitis) > Web: http://www-cse.ucsd.edu/~bsy/ > USPS: Dept of Comp Sci and Eng, 0114, UC San Diego, La Jolla, CA 92093-0114 > --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Dec 05 2001 - 14:56:35 PST