September 20th 2008
This is more of a reminder to myself - you can enable SSL on WordPress, but it’s essentially an undocumented feature. This afternoon all I could find was a forum posting on enabling SSL.
There doesn’t seem to be genuine documentation on it in the Codex, at least, not documentation that pops out when you do a search. Continue Reading »
September 7th 2008
In honor of the electoral season, I’m sharing an old photograph. The occasion was a visit by Senator John McCain (R-AZ) to Secure Computing in June, 1999. We discussed possible revisions to cryptographic export controls, and he posed for photos, holding a copy of Internet Cryptography, which was ‘recently published’ back then.
I don’t want to turn this into a political blog - this posting simply reports on the visit. Continue Reading »
August 5th 2008
Mozilla, like most responsible web browsers, pops up a warning if someone visits a secure web site where the site’s crypto credentials have not been countersigned by a recognized certificate authority.
In Slashdot, Chandon Seldon arues that the Mozilla SSL Policy is Bad For the Web., which links to material by Nat Tuck saying, again, Mozilla SSL policy bad for the Web. The argument is that this policy violates net neutrality by forcing people into a commercial venue if they want their secure connections to be user friendly. The commentaries find this especially troublesome for nonprofit organizations.
This is nonsense. Net Neutrality is about connectivity. SSL is about security and assured identification. Web browsers pop up a complaint about authentication when they can’t verify a site’s identity - that’s what the browser is supposed to do. SSL certificate management is the best affirmative defense in the Internet today and these suggestions will only weaken it. Continue Reading »
August 3rd 2008
A while back I wrote a post to explain the one-time pad encryption technique. It goes along with other pages that explain some fundamental cryptographic concepts.
It’s amazing how subtle a one-time pad really is. On one level they’re deceptively simple: you simply match up the text of your message with a collection of “random bits” you share with the recipient. To decrypt, the recipient matches up a copy of those “random bits” to retrieve the message.
The trick is in the definition of “random bits.” Continue Reading »