[148156] in cryptography@c2.net mail archive
Re: [Cryptography] HTTP should be deprecated.
daemon@ATHENA.MIT.EDU (Alex Stanford)
Wed Nov 13 13:00:12 2013
X-Original-To: cryptography@metzdowd.com
Date: Wed, 13 Nov 2013 09:21:50 -0500
From: Alex Stanford <ahstanford@gmail.com>
To: Eric Mill <eric@konklone.com>
In-Reply-To: <CANBOYLUvxkGYc+7MHAqdceRcE=d86JPu_Md0fYS-1cBq+fm0ng@mail.gmail.com>
Cc: cryptography@metzdowd.com, Peter Saint-Andre <stpeter@stpeter.im>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
This is a multi-part message in MIME format.
--===============4400279174793503222==
Content-Type: multipart/alternative;
boundary="------------040106030603040503080509"
This is a multi-part message in MIME format.
--------------040106030603040503080509
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
HTTPS can be a problem for CDNs for a couple of reasons:
1) In order to truly cache from the edge all the way back to origin over
HTTPS you have to juggle certs at each PoP and track which certs are
valid, at least in the CDN architectures I am familiar with. One trick
we've used is to allow HTTP or HTTPS for static files on origin, but
force dynamic pages to HTTPS - then the CDN caches via HTTP but serves
via HTTPS. This implementation works quite well for us.
2) Certs are generally tied to an IP or set of IPs and applying multiple
certs to one IP can prove difficult. So, CDNs assign IPs at each node
specifically for a particular hostname in order to provide a custom SSL
cert to a customer. So, a customer requiring custom SSL may thereby
require dozens of dedicated IPs.
At my business (fullambit.net) we're working to overcome these issues.
Our shared hosting accounts come with a dedicated IP, a trusted SSL
cert, anycast DNS and CDN service included by default. However, this
default CDN service is limited to a shared CDN hostname. This is usually
not a concern for customers, and other CDNs offer the same type of deal
(cdn77.com for example). It's when we come to custom SSL certs on the
CDN that we start to stand apart. We only charge $27.99/yr for a Thawte
123 DV certificate or $109.99 for a Thawte Web Server EV certificate.
The only caveat is that we ask customers to commit to at least 1TB/mo
for the entirety of the year, at a rate of $39.99 per TB. We're also
flexible in offering other certificates. ($8.79 /yr for RapidSSL, and we
can do Wildcards too, for example)
My point being that while it is a challenge to offer SSL as a CDN, it is
also entirely possible, and I would assume even more so for big
companies like Akamai. CDN's and caching really shouldn't be part of the
equation when it comes to HTTPSing the Internet.
> Eric Mill <mailto:eric@konklone.com>
> Monday, November 04, 2013 2:01 PM
> I'm very pro-HTTPS for as many places as possible, switched to use it
> on my own site, and documented how to do it
> <https://konklone.com/post/switch-to-https-now-for-free> in detail.
>
> But I'm also very pro-"it should be easy to publish things on the
> Internet", and key management *is* a pain in the ass. Requiring it
> Internet-wide would raise the barrier for people new to web publishing
> to get started, and/or make more people just use a *.wordpress.com
> <http://wordpress.com/> or *.whatever.com
> <http://whatever.com/> domain, rather than bother getting their own.
>
> Instead, we should establish very clear norms about HTTPS for services
> and web applications of all kinds. If you have the ability to add
> HTTPS support, you should, and the mandate is especially clear for
> hosting services.
>
> For example, one glaring gap for me is Github Pages. It's impossible
> to use HTTPS if you host something via Github Pages, whether or not
> you use your own domain name (unless you do something expensive like
> put CloudFront in front of it).
>
> Caching with HTTPS is a problem. One source of reluctance for major
> platforms to support HTTPS is because CDNs like Akamai raise their
> prices drastically if you want HTTPS. That's a major market force that
> guides the decision companies make, and it's one we should commit
> ourselves to changing.
>
>
>
>
>
> --
> konklone.com <http://konklone.com> | @konklone
> <https://twitter.com/konklone>
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
> Peter Saint-Andre <mailto:stpeter@stpeter.im>
> Monday, November 04, 2013 12:28 PM
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Some of us are working on that for some protocols:
>
> https://github.com/stpeter/manifesto
>
> Peter
>
> - --
> Peter Saint-Andre
> https://stpeter.im/
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJSd9lbAAoJEOoGpJErxa2pzhIP/iAdZkNEdgWRrt9N/7Tc06IK
> 3U9zDSzve6BglycwKsCmB8e9+dOuXjw383PiiydbiMDkmUOj7uvkiI069TImfk4E
> Q49WKlBX3rNeqSuk3OAE4CgsnQLxxKns52q4TqfunsDgQS4EJL0xb6VH/O62JxFO
> vjX6N0l6XYS/VnjJJi4jsqAsFjwsx0sVHP30bpvNNqTr511RRSdIa3udUE3CY8mP
> Hf/8V6x6kLQENXgW4lYNyLMG3r4Q3/BkHkurLuw33jdCxNu6Wx4RB5xFPCWKFQyS
> XgrYUBDRfVFHB0OqiukFE0uBqVvuTB9UH47zZiFuN3GM55UJ4TE8gks4W2v7Ku/n
> vby+u/vToqZGGLJYwd2AzyfUag629KhnCbMJ1arp+fd5hMx5O3mbvzB7sJu92Suj
> ZYB3LIkWUc/F5EJXCZN73HhxiyFbkWi5kVfPLkd5UybpI9CNd9Kglh00TBryZ5Ws
> dGF/cOuwtWVOoNn5VeJDFm9MRbDnICwkpguuIdWCZGC8e30A7e4cuR3OFrNVkkfg
> 2ZmFaiVPN93aKeWiXclCkdTwxCXHoRByfSO89Z6QHDhQqbSQ6WMKaidPPbphGyjl
> yyPUG3EsleZQBWdSic+5dgV4TIu2EMzY9IAYGuuNZruFRvr/ZUDnNosIbdg3UnXH
> yNFG+7eTIcVkax5Riqgz
> =S+19
> -----END PGP SIGNATURE-----
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
> Greg <mailto:greg@kinostudios.com>
> Monday, November 04, 2013 10:50 AM
> Could someone please forward this message to the Elders of the Internet™?
>
> It's time to make encryption mandatory in all communication protocols.
>
> Thx,
>
> - Greg
>
> --
> Please do not email me anything that you are not comfortable also
> sharing with the NSA.
>
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
--------------040106030603040503080509
Content-Type: multipart/related;
boundary="------------080400040108000007080804"
--------------080400040108000007080804
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 8bit
<html><head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head><body bgcolor="#FFFFFF" text="#000000">HTTPS can be a problem for
CDNs for a couple of reasons:<br>
<br>
1) In order to truly cache from the edge all the way back to origin over
HTTPS you have to juggle certs at each PoP and track which certs are
valid, at least in the CDN architectures I am familiar with. One trick
we've used is to allow HTTP or HTTPS for static files on origin, but
force dynamic pages to HTTPS - then the CDN caches via HTTP but serves
via HTTPS. This implementation works quite well for us.<br>
<br>
2) Certs are generally tied to an IP or set of IPs and applying multiple
certs to one IP can prove difficult. So, CDNs assign IPs at each node
specifically for a particular hostname in order to provide a custom SSL
cert to a customer. So, a customer requiring custom SSL may thereby
require dozens of dedicated IPs.<br>
<br>
At my business (fullambit.net) we're working to overcome these issues.
Our shared hosting accounts come with a dedicated IP, a trusted SSL
cert, anycast DNS and CDN service included by default. However, this
default CDN service is limited to a shared CDN hostname. This is usually
not a concern for customers, and other CDNs offer the same type of deal
(cdn77.com for example). It's when we come to custom SSL certs on the
CDN that we start to stand apart. We only charge $27.99/yr for a Thawte
123 DV certificate or $109.99 for a Thawte Web Server EV certificate.
The only caveat is that we ask customers to commit to at least 1TB/mo
for the entirety of the year, at a rate of $39.99 per TB. We're also
flexible in offering other certificates. ($8.79 /yr for RapidSSL, and we
can do Wildcards too, for example)<br>
<br>
My point being that while it is a challenge to offer SSL as a CDN, it is
also entirely possible, and I would assume even more so for big
companies like Akamai. CDN's and caching really shouldn't be part of the
equation when it comes to HTTPSing the Internet.<br>
<blockquote style="border: 0px none;"
cite="mid:CANBOYLUvxkGYc+7MHAqdceRcE=d86JPu_Md0fYS-1cBq+fm0ng@mail.gmail.com"
type="cite">
<div style="margin:30px 25px 10px 25px;" class="__pbConvHr"><div
style="display:table;width:100%;border-top:1px solid
#EDEEF0;padding-top:5px"> <div
style="display:table-cell;vertical-align:middle;padding-right:6px;"><img
photoaddress="eric@konklone.com" photoname="Eric Mill"
src="cid:part1.08000103.02080608@gmail.com" name="postbox-contact.jpg"
height="25px" width="25px"></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;width:100%">
<a moz-do-not-send="true" href="mailto:eric@konklone.com"
style="color:#737F92
!important;padding-right:6px;font-weight:bold;text-decoration:none
!important;">Eric Mill</a></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;">
<font color="#9FA2A5"><span style="padding-left:6px">Monday, November
04, 2013 2:01 PM</span></font></div></div></div>
<div style="color:#888888;margin-left:24px;margin-right:24px;"
__pbrmquotes="true" class="__pbConvBody"><div dir="ltr"><span
style="font-family:arial,sans-serif;font-size:13px">I'm very pro-HTTPS
for as many places as possible, switched to use it on my own site, and </span><a
moz-do-not-send="true" target="_blank"
style="font-family:arial,sans-serif;font-size:13px"
href="https://konklone.com/post/switch-to-https-now-for-free">documented
how to do it</a><span
style="font-family:arial,sans-serif;font-size:13px"> in detail.</span><div
style="font-family:arial,sans-serif;font-size:13px">
<br></div><div style="font-family:arial,sans-serif;font-size:13px">But
I'm also very pro-"it should be easy to publish things on the Internet",
and key management *is* a pain in the ass. Requiring it Internet-wide
would raise the barrier for people new to web publishing to get started,
and/or make more people just use a *.<a moz-do-not-send="true"
target="_blank" href="http://wordpress.com/">wordpress.com</a> or *.<a
moz-do-not-send="true" target="_blank" href="http://whatever.com/">whatever.com</a> domain,
rather than bother getting their own.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div
style="font-family:arial,sans-serif;font-size:13px">Instead, we should
establish very clear norms about HTTPS for services and web applications
of all kinds. If you have the ability to add HTTPS support, you should,
and the mandate is especially clear for hosting services.</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div
style="font-family:arial,sans-serif;font-size:13px">For example, one
glaring gap for me is Github Pages. It's impossible to use HTTPS if you
host something via Github Pages, whether or not you use your own domain
name (unless you do something expensive like put CloudFront in front of
it).</div>
<div style="font-family:arial,sans-serif;font-size:13px"><br></div><div
style="font-family:arial,sans-serif;font-size:13px">Caching with HTTPS
is a problem. One source of reluctance for major platforms to support
HTTPS is because CDNs like Akamai raise their prices drastically if you
want HTTPS. That's a major market force that guides the decision
companies make, and it's one we should commit ourselves to changing.</div>
</div><div class="gmail_extra"><br><br><br><br clear="all"><div><br></div>--
<br><div dir="ltr"><div><a moz-do-not-send="true" target="_blank"
href="http://konklone.com">konklone.com</a> | <a moz-do-not-send="true"
target="_blank" href="https://twitter.com/konklone">@konklone</a><br>
</div></div>
</div>
<div>_______________________________________________<br>The cryptography
mailing list<br><a class="moz-txt-link-abbreviated" href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><br><a class="moz-txt-link-freetext" href="http://www.metzdowd.com/mailman/listinfo/cryptography">http://www.metzdowd.com/mailman/listinfo/cryptography</a></div></div>
<div style="margin:30px 25px 10px 25px;" class="__pbConvHr"><div
style="display:table;width:100%;border-top:1px solid
#EDEEF0;padding-top:5px"> <div
style="display:table-cell;vertical-align:middle;padding-right:6px;"><img
photoaddress="stpeter@stpeter.im" photoname="Peter Saint-Andre"
src="cid:part2.08050306.04070601@gmail.com" name="postbox-contact.jpg"
height="25px" width="25px"></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;width:100%">
<a moz-do-not-send="true" href="mailto:stpeter@stpeter.im"
style="color:#737F92
!important;padding-right:6px;font-weight:bold;text-decoration:none
!important;">Peter Saint-Andre</a></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;">
<font color="#9FA2A5"><span style="padding-left:6px">Monday, November
04, 2013 12:28 PM</span></font></div></div></div>
<div style="color:#888888;margin-left:24px;margin-right:24px;"
__pbrmquotes="true" class="__pbConvBody"><div>-----BEGIN PGP SIGNED
MESSAGE-----<br>Hash: SHA1<br></div><div><!----><br>Some of us are
working on that for some protocols:<br><br><a class="moz-txt-link-freetext" href="https://github.com/stpeter/manifesto">https://github.com/stpeter/manifesto</a><br><br>Peter<br><br>-
-- <br>Peter Saint-Andre<br><a class="moz-txt-link-freetext" href="https://stpeter.im/">https://stpeter.im/</a><br><br><br>-----BEGIN
PGP SIGNATURE-----<br>Version: GnuPG/MacGPG2 v2.0.19 (Darwin)<br>Comment:
GPGTools - <a class="moz-txt-link-freetext" href="http://gpgtools.org">http://gpgtools.org</a><br>Comment: Using GnuPG with Thunderbird
- <a class="moz-txt-link-freetext" href="http://www.enigmail.net/">http://www.enigmail.net/</a><br><br>iQIcBAEBAgAGBQJSd9lbAAoJEOoGpJErxa2pzhIP/iAdZkNEdgWRrt9N/7Tc06IK<br>3U9zDSzve6BglycwKsCmB8e9+dOuXjw383PiiydbiMDkmUOj7uvkiI069TImfk4E<br>Q49WKlBX3rNeqSuk3OAE4CgsnQLxxKns52q4TqfunsDgQS4EJL0xb6VH/O62JxFO<br>vjX6N0l6XYS/VnjJJi4jsqAsFjwsx0sVHP30bpvNNqTr511RRSdIa3udUE3CY8mP<br>Hf/8V6x6kLQENXgW4lYNyLMG3r4Q3/BkHkurLuw33jdCxNu6Wx4RB5xFPCWKFQyS<br>XgrYUBDRfVFHB0OqiukFE0uBqVvuTB9UH47zZiFuN3GM55UJ4TE8gks4W2v7Ku/n<br>vby+u/vToqZGGLJYwd2AzyfUag629KhnCbMJ1arp+fd5hMx5O3mbvzB7sJu92Suj<br>ZYB3LIkWUc/F5EJXCZN73HhxiyFbkWi5kVfPLkd5UybpI9CNd9Kglh00TBryZ5Ws<br>dGF/cOuwtWVOoNn5VeJDFm9MRbDnICwkpguuIdWCZGC8e30A7e4cuR3OFrNVkkfg<br>2ZmFaiVPN93aKeWiXclCkdTwxCXHoRByfSO89Z6QHDhQqbSQ6WMKaidPPbphGyjl<br>yyPUG3EsleZQBWdSic+5dgV4TIu2EMzY9IAYGuuNZruFRvr/ZUDnNosIbdg3UnXH<br>yNFG+7eTIcVkax5Riqgz<br>=S+19<br>-----END
PGP SIGNATURE-----<br>_______________________________________________<br>The
cryptography mailing list<br><a class="moz-txt-link-abbreviated" href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><br><a class="moz-txt-link-freetext" href="http://www.metzdowd.com/mailman/listinfo/cryptography">http://www.metzdowd.com/mailman/listinfo/cryptography</a><br></div></div>
<div style="margin:30px 25px 10px 25px;" class="__pbConvHr"><div
style="display:table;width:100%;border-top:1px solid
#EDEEF0;padding-top:5px"> <div
style="display:table-cell;vertical-align:middle;padding-right:6px;"><img
photoaddress="greg@kinostudios.com" photoname="Greg"
src="cid:part3.04020408.02020108@gmail.com"
name="compose-unknown-contact.jpg" height="25px" width="25px"></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;width:100%">
<a moz-do-not-send="true" href="mailto:greg@kinostudios.com"
style="color:#737F92
!important;padding-right:6px;font-weight:bold;text-decoration:none
!important;">Greg</a></div> <div
style="display:table-cell;white-space:nowrap;vertical-align:middle;">
<font color="#9FA2A5"><span style="padding-left:6px">Monday, November
04, 2013 10:50 AM</span></font></div></div></div>
<div style="color:#888888;margin-left:24px;margin-right:24px;"
__pbrmquotes="true" class="__pbConvBody"><div>Could someone please
forward this message to the Elders of the Internet™?<br><br>It's time to
make encryption mandatory in all communication protocols.<br><br>Thx,<br><br>-
Greg<br><br>--<br>Please do not email me anything that you are not
comfortable also sharing with the NSA.<br><br></div><div>_______________________________________________<br>The
cryptography mailing list<br><a class="moz-txt-link-abbreviated" href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><br><a class="moz-txt-link-freetext" href="http://www.metzdowd.com/mailman/listinfo/cryptography">http://www.metzdowd.com/mailman/listinfo/cryptography</a></div></div>
</blockquote>
</body></html>
--------------080400040108000007080804
Content-Type: image/jpeg; x-apple-mail-type=stationery;
name="postbox-contact.jpg"
Content-Transfer-Encoding: base64
Content-ID: <part1.08000103.02080608@gmail.com>
Content-Disposition: inline;
filename="postbox-contact.jpg"
/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAMCAgICAgMCAgIDAwMDBAYEBAQEBAgGBgUGCQgK
CgkICQkKDA8MCgsOCwkJDRENDg8QEBEQCgwSExIQEw8QEBD/2wBDAQMDAwQDBAgEBAgQCwkL
EBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/wAAR
CAAZABkDAREAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAA
AgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkK
FhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWG
h4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl
5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA
AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYk
NOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOE
hYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk
5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD5o8ReKtY1vU5Nd1T7PqF7qMFrd3dzeWFv
PLLLJAjOxd0J+8x46AYAwABX6Lh8PT9mrI/H8Xi6rrNSkrlP+1ru1i2mx0XDD5c6VaEj2/1d
dSw0Irb8WcX1udSWj/BGl4Y1eV9Usnks9PgcXcKiWLTreKRfnX5ldEDK3oykEHkEVlPDw5JN
r8xrFVlXgk9L9jT/AOGrv2i/+irap/3zF/8AEV4/1Gh/KfQ/2piv53+Bx6+c8VnIATiwtVxj
OT5MfWvcw6fs0fO4yUXWkvMhaC5Ytbuh3KCcgf1rflk9GYqcF76NDQkmS8sjNwRMhbIxjDA5
/Ss5RfI0yeeKqqUe5wef+mq14+p9FbyOqie8jENlcRPDNbxJBPDKpSSN0UKysp5DAggg9CK9
PDy5qcbbWPHxdJQrT5lrdkkl06OXJdxjnPoMf4V181jljSUlZaEVtrLJdrKXCRJliT2A5zXP
Krq+xv8AVUktLvQ5/wD4Vz8S/wDon/ij/wAFNx/8RXzfto9z7L6tP+X8DvP2vf8Ak5zx7/1/
r/6JjrLD/AjbG/xJep5BP9xvp/SuqWxyQ3Rt/Cv/AJKX4T/7Ddj/AOlCVhP4X6HXH44+qP3E
rwz6M//Z
--------------080400040108000007080804
Content-Type: image/jpeg; x-apple-mail-type=stationery;
name="postbox-contact.jpg"
Content-Transfer-Encoding: base64
Content-ID: <part2.08050306.04070601@gmail.com>
Content-Disposition: inline;
filename="postbox-contact.jpg"
/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAMCAgICAgMCAgIDAwMDBAYEBAQEBAgGBgUGCQgK
CgkICQkKDA8MCgsOCwkJDRENDg8QEBEQCgwSExIQEw8QEBD/2wBDAQMDAwQDBAgEBAgQCwkL
EBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBD/wAAR
CAAZABkDAREAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAA
AgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkK
FhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWG
h4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl
5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA
AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYk
NOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOE
hYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk
5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD6Y+Df7Q+lXy2dj470ZtSiuIrRrvVrixEk
lncTQiQw3EgBRnyc+Wp3opHBXp5lLFyi/wB7t3NHFfZPp2z0vwlqFrHfWOk6TPbzIJI5Y7eJ
kdT0IIGCK9BTUtTM8i+J/wAbfhv4L1VvC2laTYXuriEzTG2t1Is484Duyj92OuGYgZHGTXLV
xTivcVy4pP4j47/4bj+MP/P94p/8E0dc/tK/dFWifePw98C+A/DHwZ0nw62mWw0W40uGe8F1
+8Nw7xqzyyu3LuTzuPPAxjAx6Eo04xs9jO7vofPFz4k8Upa+KdH+Bmp+IJ/BltL5VzrRtlnt
rB9485IWZg0zgb8soKJwZixBrybVopumnyduprdPTqe+/A/w38KrPwRJZ+BE+1x3/wA2rz3r
CW+u52X5munPLMR0/gxjZ8uK9DD+znC1PbsZSTT1PkH/AIVX4H9dW/8ABpP/APFVf1eIjf8A
BU1t8QLD4c/D7UfiJ4p17W9bNlF4u8PNfCMadbw2+Z4ikUaNBGrBkcsQ+7bHubINYOPtJJP5
lJ6H3Ho2iaP4e0q10PQ9NtbDT7KJYLe1toljiijUYCqo4ArtguUk+ZfjPonhn4f/ABX07UZf
GOq/D7wzqek3dzf6hpt3FaxPdpPCViDSI4XKGRyq7ehYcjnjlCMJuS0L5/dsfGn9q+Ov+f7x
l/34n/8AkeqvMg94+OP/ACXHxd/18x/+ikrpW4+hyVWIfp3/ACMWg/8AYZsf/R61EgP0lqwP
/9k=
--------------080400040108000007080804
Content-Type: image/jpeg; x-apple-mail-type=stationery;
name="compose-unknown-contact.jpg"
Content-Transfer-Encoding: base64
Content-ID: <part3.04020408.02020108@gmail.com>
Content-Disposition: inline;
filename="compose-unknown-contact.jpg"
/9j/4AAQSkZJRgABAQEARwBHAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEC
AQEBAQEBAgICAgICAgICAgICAgICAgICAgICAgICAgICAgL/2wBDAQEBAQEBAQICAgICAgIC
AgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgL/wAAR
CAAZABkDAREAAhEBAxEB/8QAGAAAAwEBAAAAAAAAAAAAAAAABgcICQr/xAA0EAABAwMCAgUK
BwAAAAAAAAACAQMEBQYRABITIQcUMUF2CBUXIjI2N0JRtVRWkZOV0dL/xAAYAQEAAwEAAAAA
AAAAAAAAAAADAAEEAv/EACQRAAICAAQGAwAAAAAAAAAAAAABAhEDMrHREyExM0FxgfDx/9oA
DAMBAAIRAxEAPwDuEt+gW/ULet6oVC3rfqNQqFv0OfPn1GhUqfOmzZtKZlS5UqZMaNwzNwiJ
VIl7eXLCaZIGwBl3TY8epPx2+jy2ZNPjvkwc9uhW8j7nCPhvOsQliYIeS7cvCpp8o50qwrC4
v3lsNSDbdmTEhvs2tahxpfV3WnmbbozJEw/gwdadbYExVRXKEKoSdvJcaOSqxE7/AAiX0gXx
+a69/JSf9alIlste0VzaNpeFrcT9KKymotyiaZ0KRCnzacoE7Kjzn4gi2KqUh3jqDHDHv4mR
UfruTWlMzlVUKIVNp9GguEJnAh0+IZjyAiisgyRDnu5azS8miKqjOTVkKqS/psG37fo1Fbab
eg25b8eZPeFJBBJSjMG5HjMeyihnaauZwe4OGiju13GAcpOwBeN+U8/IkGbsiS8b7ryogmbz
hbyc9REROfZhERO5ETShjPtvpGqTUyLErytS4siSwx5x2tRH4hPOI0DkjZtaJtFxuVEbIUUi
yeNujlBUJGbJN6nM/Cyf2Hf60YgjvKA+NPSP4gT7axpcPtr51YWJnYn9dnAQWl722p4ot37y
zqnlfp6FrqbwawG8/9k=
--------------080400040108000007080804--
--------------040106030603040503080509--
--===============4400279174793503222==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============4400279174793503222==--
