<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_03_29_1952215</id>
	<title>OpenSSL 1.0.0 Released</title>
	<author>Soulskill</author>
	<datestamp>1269851460000</datestamp>
	<htmltext>hardaker writes <i>"After over 11 years of development since the start of the <a href="http://www.openssl.org/news/">OpenSSL Project</a> (1998-12-23), OpenSSL version 1.0.0 has finally hit the shelves of the <a href="http://www.openssl.org/source/">free-for-all store</a>."</i></htmltext>
<tokenext>hardaker writes " After over 11 years of development since the start of the OpenSSL Project ( 1998-12-23 ) , OpenSSL version 1.0.0 has finally hit the shelves of the free-for-all store .
"</tokentext>
<sentencetext>hardaker writes "After over 11 years of development since the start of the OpenSSL Project (1998-12-23), OpenSSL version 1.0.0 has finally hit the shelves of the free-for-all store.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661902</id>
	<title>1.0.0</title>
	<author>Anonymous</author>
	<datestamp>1269855420000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>Meh.  I never run version 1.0 of anything.</p></htmltext>
<tokenext>Meh .
I never run version 1.0 of anything .</tokentext>
<sentencetext>Meh.
I never run version 1.0 of anything.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661948</id>
	<title>OHH MY EYES!!</title>
	<author>Anonymous</author>
	<datestamp>1269855660000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext>They seriously need to get some better web designers because their site looks like  1990s took a trip to the future and vomited.</htmltext>
<tokenext>They seriously need to get some better web designers because their site looks like 1990s took a trip to the future and vomited .</tokentext>
<sentencetext>They seriously need to get some better web designers because their site looks like  1990s took a trip to the future and vomited.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663686</id>
	<title>Re:Please please keep a stable ABI</title>
	<author>Karellen</author>
	<datestamp>1269864300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yes, but pre-1.0 versions of, well, pretty much <em>anything</em>, do not have stable A[PB]Is. That's one of the things about being pre-1.0; everything is still subject to change.</p><p>Now, all future 1.x(.y) releases should be A[PB]I backwards compatible with 1.0.0. If they're not, yes, that would be bad release management. But until they do that, I don't think it's entirely fair to complain about it.</p></htmltext>
<tokenext>Yes , but pre-1.0 versions of , well , pretty much anything , do not have stable A [ PB ] Is .
That 's one of the things about being pre-1.0 ; everything is still subject to change.Now , all future 1.x ( .y ) releases should be A [ PB ] I backwards compatible with 1.0.0 .
If they 're not , yes , that would be bad release management .
But until they do that , I do n't think it 's entirely fair to complain about it .</tokentext>
<sentencetext>Yes, but pre-1.0 versions of, well, pretty much anything, do not have stable A[PB]Is.
That's one of the things about being pre-1.0; everything is still subject to change.Now, all future 1.x(.y) releases should be A[PB]I backwards compatible with 1.0.0.
If they're not, yes, that would be bad release management.
But until they do that, I don't think it's entirely fair to complain about it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662246</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662322</id>
	<title>Re:Geee!</title>
	<author>pushing-robot</author>
	<datestamp>1269857340000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p><div class="quote"><p>To use the Packet Forensics box, a law enforcement or intelligence agency would have to install it inside an ISP, and persuade one of the Certificate Authorities &mdash; using money, blackmail or legal process &mdash; to issue a fake certificate for the targeted website. Then they could capture your username and password, and be able to see whatever transactions you make online.</p></div><p>Granted, TFA states that a hacker could potentially circumvent the more difficult parts by using social engineering&mdash;registering a certificate that <i>looks</i> like it matches a particular web site and hoping surfers will manually accept it.  But that's again a problem with the certificate authority and/or user, not SSL itself.</p><p>All the article really boils down to is that SSL is useless if the client and server can't trust the certificate authority.  Which should be freaking obvious.</p></div>
	</htmltext>
<tokenext>To use the Packet Forensics box , a law enforcement or intelligence agency would have to install it inside an ISP , and persuade one of the Certificate Authorities    using money , blackmail or legal process    to issue a fake certificate for the targeted website .
Then they could capture your username and password , and be able to see whatever transactions you make online.Granted , TFA states that a hacker could potentially circumvent the more difficult parts by using social engineering    registering a certificate that looks like it matches a particular web site and hoping surfers will manually accept it .
But that 's again a problem with the certificate authority and/or user , not SSL itself.All the article really boils down to is that SSL is useless if the client and server ca n't trust the certificate authority .
Which should be freaking obvious .</tokentext>
<sentencetext>To use the Packet Forensics box, a law enforcement or intelligence agency would have to install it inside an ISP, and persuade one of the Certificate Authorities — using money, blackmail or legal process — to issue a fake certificate for the targeted website.
Then they could capture your username and password, and be able to see whatever transactions you make online.Granted, TFA states that a hacker could potentially circumvent the more difficult parts by using social engineering—registering a certificate that looks like it matches a particular web site and hoping surfers will manually accept it.
But that's again a problem with the certificate authority and/or user, not SSL itself.All the article really boils down to is that SSL is useless if the client and server can't trust the certificate authority.
Which should be freaking obvious.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661954</id>
	<title>Re:You insensitice clod...</title>
	<author>Anonymous</author>
	<datestamp>1269855660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Let's hope they have better idea of how to configure it this time. No more blacklists, please.</htmltext>
<tokenext>Let 's hope they have better idea of how to configure it this time .
No more blacklists , please .</tokentext>
<sentencetext>Let's hope they have better idea of how to configure it this time.
No more blacklists, please.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661864</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668064</id>
	<title>Re:Geee!</title>
	<author>muckracer</author>
	<datestamp>1269946020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt; <a href="http://www.wired.com/threatlevel/2010/03/packet-forensics/" title="wired.com">http://www.wired.com/threatlevel/2010/03/packet-forensics/</a> [wired.com]</p><p>&gt; The basic point is that in the status quo there is no double check and no<br>&gt; accountability," Schoen said. "So if Certificate Authorities are doing things<br>&gt; that they shouldn't, no one would know, no one would observe it. We think at<br>&gt; the very least there needs to be a double check."</p><p>And the tragic thing is, we pay A LOT of money for this nonsense. As far as I am concerned, the entire CA industry was from the get-go one of the biggest money-making scams ever. That TLA's etc. could get perfectly acceptable MITM-certificates was always clear because the implemented CA/SSL model purposefully twisted the notion of trust on both human and technological levels into absurdity. Hell, I am waiting for the revelation, that (some of) the CA-mega-cash-cows are actually NSA and/or Mossad and/or [a few more] front-ends and we have paid for the massive build-up and extension of Big Brother under the guise of security and protection, from, well...among other things...Big Brother!</p></htmltext>
<tokenext>&gt; http : //www.wired.com/threatlevel/2010/03/packet-forensics/ [ wired.com ] &gt; The basic point is that in the status quo there is no double check and no &gt; accountability , " Schoen said .
" So if Certificate Authorities are doing things &gt; that they should n't , no one would know , no one would observe it .
We think at &gt; the very least there needs to be a double check .
" And the tragic thing is , we pay A LOT of money for this nonsense .
As far as I am concerned , the entire CA industry was from the get-go one of the biggest money-making scams ever .
That TLA 's etc .
could get perfectly acceptable MITM-certificates was always clear because the implemented CA/SSL model purposefully twisted the notion of trust on both human and technological levels into absurdity .
Hell , I am waiting for the revelation , that ( some of ) the CA-mega-cash-cows are actually NSA and/or Mossad and/or [ a few more ] front-ends and we have paid for the massive build-up and extension of Big Brother under the guise of security and protection , from , well...among other things...Big Brother !</tokentext>
<sentencetext>&gt; http://www.wired.com/threatlevel/2010/03/packet-forensics/ [wired.com]&gt; The basic point is that in the status quo there is no double check and no&gt; accountability," Schoen said.
"So if Certificate Authorities are doing things&gt; that they shouldn't, no one would know, no one would observe it.
We think at&gt; the very least there needs to be a double check.
"And the tragic thing is, we pay A LOT of money for this nonsense.
As far as I am concerned, the entire CA industry was from the get-go one of the biggest money-making scams ever.
That TLA's etc.
could get perfectly acceptable MITM-certificates was always clear because the implemented CA/SSL model purposefully twisted the notion of trust on both human and technological levels into absurdity.
Hell, I am waiting for the revelation, that (some of) the CA-mega-cash-cows are actually NSA and/or Mossad and/or [a few more] front-ends and we have paid for the massive build-up and extension of Big Brother under the guise of security and protection, from, well...among other things...Big Brother!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662354</id>
	<title>Re:Geee!</title>
	<author>Anonymous</author>
	<datestamp>1269857520000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext><p>Like OMFG!  Mallory you are <i> <b>such</b> </i> a bitch!</p><p>- Alice</p></htmltext>
<tokenext>Like OMFG !
Mallory you are such a bitch ! - Alice</tokentext>
<sentencetext>Like OMFG!
Mallory you are  such  a bitch!- Alice</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668004</id>
	<title>Next you're telling me...</title>
	<author>unwesen</author>
	<datestamp>1269945240000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>... Duke Nukem Forever has ALSO been released.</p></htmltext>
<tokenext>... Duke Nukem Forever has ALSO been released .</tokentext>
<sentencetext>... Duke Nukem Forever has ALSO been released.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667428</id>
	<title>Re:CA do not have strong enough wording in denying</title>
	<author>Anonymous</author>
	<datestamp>1269981300000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Lets look at some of the quotes:</p><p>"I've read studies and heard speeches in academic circles that theorize that concept, but we never would issue a 'fake' SSL certificate,"</p><p>"we have never had a single instance where law enforcement asked us to do something inappropriate."</p><p>"Verisign has never issued a fake SSL certificate, and to do so would be against our policies," said vice president Tim Callan.</p><p>Lets see they can issue real certificates to the government for any domain that the government wants.  They feel that it is appropriate because they are helping the government.  The government probably said that they were helping to catch terrorists.</p><p>Is it possible to have a double or triple signed certificate so that several CA would have to sign?</p></htmltext>
<tokenext>Lets look at some of the quotes : " I 've read studies and heard speeches in academic circles that theorize that concept , but we never would issue a 'fake ' SSL certificate , " " we have never had a single instance where law enforcement asked us to do something inappropriate .
" " Verisign has never issued a fake SSL certificate , and to do so would be against our policies , " said vice president Tim Callan.Lets see they can issue real certificates to the government for any domain that the government wants .
They feel that it is appropriate because they are helping the government .
The government probably said that they were helping to catch terrorists.Is it possible to have a double or triple signed certificate so that several CA would have to sign ?</tokentext>
<sentencetext>Lets look at some of the quotes:"I've read studies and heard speeches in academic circles that theorize that concept, but we never would issue a 'fake' SSL certificate,""we have never had a single instance where law enforcement asked us to do something inappropriate.
""Verisign has never issued a fake SSL certificate, and to do so would be against our policies," said vice president Tim Callan.Lets see they can issue real certificates to the government for any domain that the government wants.
They feel that it is appropriate because they are helping the government.
The government probably said that they were helping to catch terrorists.Is it possible to have a double or triple signed certificate so that several CA would have to sign?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662120</id>
	<title>Perl dependency</title>
	<author>Anonymous</author>
	<datestamp>1269856500000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Why the flip does it need to depend on perl5? I'll never get ssh running on 386BSD this way.</p></htmltext>
<tokenext>Why the flip does it need to depend on perl5 ?
I 'll never get ssh running on 386BSD this way .</tokentext>
<sentencetext>Why the flip does it need to depend on perl5?
I'll never get ssh running on 386BSD this way.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663392</id>
	<title>Re:Waaahoo!</title>
	<author>Hurricane78</author>
	<datestamp>1269862740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Woops, there is a bug: It accidentially the whole server!</p></htmltext>
<tokenext>Woops , there is a bug : It accidentially the whole server !</tokentext>
<sentencetext>Woops, there is a bug: It accidentially the whole server!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661952</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667798</id>
	<title>Re:Geee!</title>
	<author>PybusJ</author>
	<datestamp>1269942480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Mind you the world is larger than the USA, and if you think there are legal impediments to this happening in the US, there are certainly many parts of the world where the local government would not have any problem (moral or legal) in using such technology.</p><p>An attacker doesn't need a cert from the most trusted CA, the least trusted in any of dozens of countries round the world who operate CAs will do.</p><p>A CA who was caught doing this would probably be removed by all the browsers, but as yet there's no real mechanism for users to notice and make this known.</p></htmltext>
<tokenext>Mind you the world is larger than the USA , and if you think there are legal impediments to this happening in the US , there are certainly many parts of the world where the local government would not have any problem ( moral or legal ) in using such technology.An attacker does n't need a cert from the most trusted CA , the least trusted in any of dozens of countries round the world who operate CAs will do.A CA who was caught doing this would probably be removed by all the browsers , but as yet there 's no real mechanism for users to notice and make this known .</tokentext>
<sentencetext>Mind you the world is larger than the USA, and if you think there are legal impediments to this happening in the US, there are certainly many parts of the world where the local government would not have any problem (moral or legal) in using such technology.An attacker doesn't need a cert from the most trusted CA, the least trusted in any of dozens of countries round the world who operate CAs will do.A CA who was caught doing this would probably be removed by all the browsers, but as yet there's no real mechanism for users to notice and make this known.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662906</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31664518</id>
	<title>11 Years for version 1.0?</title>
	<author>Schraegstrichpunkt</author>
	<datestamp>1269868620000</datestamp>
	<modclass>Flamebait</modclass>
	<modscore>0</modscore>
	<htmltext>Eleven years for version 1.0?  This just goes to show that SSL is way too complicated.

<p>Go read Peter Gutmann's X.509 Style Guide if you want to cry.  If that doesn't work, try implementing an ASN.1 library from scratch.</p><p>I'll take SSH and SPKI any day over the X.509/TLS mess.</p></htmltext>
<tokenext>Eleven years for version 1.0 ?
This just goes to show that SSL is way too complicated .
Go read Peter Gutmann 's X.509 Style Guide if you want to cry .
If that does n't work , try implementing an ASN.1 library from scratch.I 'll take SSH and SPKI any day over the X.509/TLS mess .</tokentext>
<sentencetext>Eleven years for version 1.0?
This just goes to show that SSL is way too complicated.
Go read Peter Gutmann's X.509 Style Guide if you want to cry.
If that doesn't work, try implementing an ASN.1 library from scratch.I'll take SSH and SPKI any day over the X.509/TLS mess.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661864</id>
	<title>You insensitice clod...</title>
	<author>Anonymous</author>
	<datestamp>1269855240000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext>I'm running Debian stable so it'll be another 10 years until it hits the repos.</htmltext>
<tokenext>I 'm running Debian stable so it 'll be another 10 years until it hits the repos .</tokentext>
<sentencetext>I'm running Debian stable so it'll be another 10 years until it hits the repos.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663382</id>
	<title>Re:Geee!</title>
	<author>swillden</author>
	<datestamp>1269862680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>things would be much easier for both administrators and security guys (is there a proper name for them?) if the concepts of data encryption on the wire and authentication of the other party were separated both in protocol and implementation</p></div><p>They're not separable.  How can you have any assurance that your communications are secret if you don't know who you're talking to?

</p><p>Authentication can exist just fine without encryption, but if you want privacy you must have both authentication and encryption.</p></div>
	</htmltext>
<tokenext>things would be much easier for both administrators and security guys ( is there a proper name for them ?
) if the concepts of data encryption on the wire and authentication of the other party were separated both in protocol and implementationThey 're not separable .
How can you have any assurance that your communications are secret if you do n't know who you 're talking to ?
Authentication can exist just fine without encryption , but if you want privacy you must have both authentication and encryption .</tokentext>
<sentencetext>things would be much easier for both administrators and security guys (is there a proper name for them?
) if the concepts of data encryption on the wire and authentication of the other party were separated both in protocol and implementationThey're not separable.
How can you have any assurance that your communications are secret if you don't know who you're talking to?
Authentication can exist just fine without encryption, but if you want privacy you must have both authentication and encryption.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662256</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663018</id>
	<title>Re:Perl dependency</title>
	<author>Anonymous</author>
	<datestamp>1269860520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Why the flip does it need to depend on perl5? I'll never get ssh running on 386BSD this way.</p></div><p>It has a circular dependence with Net::SSLeay</p></div>
	</htmltext>
<tokenext>Why the flip does it need to depend on perl5 ?
I 'll never get ssh running on 386BSD this way.It has a circular dependence with Net : : SSLeay</tokentext>
<sentencetext>Why the flip does it need to depend on perl5?
I'll never get ssh running on 386BSD this way.It has a circular dependence with Net::SSLeay
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662120</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661976</id>
	<title>And in the better-late-than-never department</title>
	<author>Accidental Angel</author>
	<datestamp>1269855780000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext><p>From the Changelog:</p><blockquote><div><ul>
<li>BeOS support.</li>
</ul></div>
</blockquote></div>
	</htmltext>
<tokenext>From the Changelog : BeOS support .</tokentext>
<sentencetext>From the Changelog:
BeOS support.


	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662440</id>
	<title>ubuntu is coming..</title>
	<author>Anonymous</author>
	<datestamp>1269857820000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>and so do many other stuff, just getting ready to be included in the next LTS version, which should be installed in a number of computers that just a few years ago no one could have even imagined.</p><p>So.. just coincidence? should we really thank canonical for this version-number pushing effort? It looks this way.</p><p>Regards</p></htmltext>
<tokenext>and so do many other stuff , just getting ready to be included in the next LTS version , which should be installed in a number of computers that just a few years ago no one could have even imagined.So.. just coincidence ?
should we really thank canonical for this version-number pushing effort ?
It looks this way.Regards</tokentext>
<sentencetext>and so do many other stuff, just getting ready to be included in the next LTS version, which should be installed in a number of computers that just a few years ago no one could have even imagined.So.. just coincidence?
should we really thank canonical for this version-number pushing effort?
It looks this way.Regards</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661952</id>
	<title>Waaahoo!</title>
	<author>Anonymous</author>
	<datestamp>1269855660000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>Fantastic! It's finally ready for production use! I can't until websites start using openssl! And I'll even be able to use a secure shell! Awesome!!</p></htmltext>
<tokenext>Fantastic !
It 's finally ready for production use !
I ca n't until websites start using openssl !
And I 'll even be able to use a secure shell !
Awesome ! !</tokentext>
<sentencetext>Fantastic!
It's finally ready for production use!
I can't until websites start using openssl!
And I'll even be able to use a secure shell!
Awesome!!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31666368</id>
	<title>Re:Geee!</title>
	<author>Wingman 5</author>
	<datestamp>1269882660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I agree that this most likely will not happen in the US for the same reasons you stated. However, I do not see this out of the realm of possibility of a more oppressive government like China or N. Korea.</p></htmltext>
<tokenext>I agree that this most likely will not happen in the US for the same reasons you stated .
However , I do not see this out of the realm of possibility of a more oppressive government like China or N. Korea .</tokentext>
<sentencetext>I agree that this most likely will not happen in the US for the same reasons you stated.
However, I do not see this out of the realm of possibility of a more oppressive government like China or N. Korea.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662906</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662868</id>
	<title>Re:Geee!</title>
	<author>QuantumRiff</author>
	<datestamp>1269859740000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>You mean like DNSSEC?</p><p>You can ensure that you are really talking to your bank. If they wanted to (and if the browser was okay with it) they could then publish their public key into their signed DNS, and not only would you know they were them, but that their self signed key was okay. Of course, it takes those poor little certificate authorties out of the picture in many cases, which is why they (verisign does both root DNS servers, and certificates) seem to have been so darn slow to implement it. You could literally "walk the tree" from the root DNS zone to your address you are looking at, and make sure they are all valid.</p></htmltext>
<tokenext>You mean like DNSSEC ? You can ensure that you are really talking to your bank .
If they wanted to ( and if the browser was okay with it ) they could then publish their public key into their signed DNS , and not only would you know they were them , but that their self signed key was okay .
Of course , it takes those poor little certificate authorties out of the picture in many cases , which is why they ( verisign does both root DNS servers , and certificates ) seem to have been so darn slow to implement it .
You could literally " walk the tree " from the root DNS zone to your address you are looking at , and make sure they are all valid .</tokentext>
<sentencetext>You mean like DNSSEC?You can ensure that you are really talking to your bank.
If they wanted to (and if the browser was okay with it) they could then publish their public key into their signed DNS, and not only would you know they were them, but that their self signed key was okay.
Of course, it takes those poor little certificate authorties out of the picture in many cases, which is why they (verisign does both root DNS servers, and certificates) seem to have been so darn slow to implement it.
You could literally "walk the tree" from the root DNS zone to your address you are looking at, and make sure they are all valid.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662256</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661966</id>
	<title>The worst documentation I've ever seen</title>
	<author>Anonymous</author>
	<datestamp>1269855720000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>0</modscore>
	<htmltext><p>Version 1.0 and I'm sure the docs are all outdated as they always have been. They really need to get their shit together when it comes to some decent documentation.</p></htmltext>
<tokenext>Version 1.0 and I 'm sure the docs are all outdated as they always have been .
They really need to get their shit together when it comes to some decent documentation .</tokentext>
<sentencetext>Version 1.0 and I'm sure the docs are all outdated as they always have been.
They really need to get their shit together when it comes to some decent documentation.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31665496</id>
	<title>Re:OHH MY EYES!!</title>
	<author>Tetch</author>
	<datestamp>1269875040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><i>&gt; their site looks like 1990s took a trip to the future and vomited</i>

<p>I echo my sibling's comment in that I have no problem at all with the website's style - I'd far rather have a simplistic straightforward HTML-driven site than some stupid Javascript-redirect-driven graphic-design student project. This is really <b>important</b> for security-related software distribution sites where it's necessary to be absolutely sure where your downloads are coming from.</p><p>The site <i>does</i> however have some problems with organisation of content - e.g. it'd be nice if they followed some more de-facto site-<i>structure</i> conventions like having a "Downloads" link to a page which provides the source tarballs, and states explicitly that there are no binaries available<nobr> <wbr></nobr>... and maybe even provides links to the more common Linux distro repositories where binaries may be found, even places where (gasp) Windows binaries can be found<nobr> <wbr></nobr>.... like <a href="http://www.stunnel.org/download/binaries.html" title="stunnel.org" rel="nofollow">http://www.stunnel.org/download/binaries.html</a> [stunnel.org] (the place I always used to go to get my Windows OpenSSL binaries, but which seems a little unmaintained these days)<nobr> <wbr></nobr>.... or <a href="http://www.slproweb.com/products/Win32OpenSSL.html" title="slproweb.com" rel="nofollow">http://www.slproweb.com/products/Win32OpenSSL.html</a> [slproweb.com] (which is a lot more up to date, and professionally organised). </p><p>There <i>is</i> an openssl.org page with info about Win32 binaries<nobr> <wbr></nobr>:<br>
<a href="http://www.openssl.org/related/binaries.html" title="openssl.org" rel="nofollow">http://www.openssl.org/related/binaries.html</a> [openssl.org]
<br>(which links to the www.slproweb.com site) but it's not easy to find (IMHO).

</p><p>And then there's the awful documentation, as many others have mentioned. I'd offer to help out with that if I was half-way crypto-competent enough to do so.</p><p>But the site's retro style is fine<nobr> <wbr></nobr>... the use of colours is restful on the eyes, and avoids use of the stupid 2-point flyspec fonts so beloved of those whose eyes are much younger than mine and who aren't worrying about damaging them<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>&gt; their site looks like 1990s took a trip to the future and vomited I echo my sibling 's comment in that I have no problem at all with the website 's style - I 'd far rather have a simplistic straightforward HTML-driven site than some stupid Javascript-redirect-driven graphic-design student project .
This is really important for security-related software distribution sites where it 's necessary to be absolutely sure where your downloads are coming from.The site does however have some problems with organisation of content - e.g .
it 'd be nice if they followed some more de-facto site-structure conventions like having a " Downloads " link to a page which provides the source tarballs , and states explicitly that there are no binaries available ... and maybe even provides links to the more common Linux distro repositories where binaries may be found , even places where ( gasp ) Windows binaries can be found .... like http : //www.stunnel.org/download/binaries.html [ stunnel.org ] ( the place I always used to go to get my Windows OpenSSL binaries , but which seems a little unmaintained these days ) .... or http : //www.slproweb.com/products/Win32OpenSSL.html [ slproweb.com ] ( which is a lot more up to date , and professionally organised ) .
There is an openssl.org page with info about Win32 binaries : http : //www.openssl.org/related/binaries.html [ openssl.org ] ( which links to the www.slproweb.com site ) but it 's not easy to find ( IMHO ) .
And then there 's the awful documentation , as many others have mentioned .
I 'd offer to help out with that if I was half-way crypto-competent enough to do so.But the site 's retro style is fine ... the use of colours is restful on the eyes , and avoids use of the stupid 2-point flyspec fonts so beloved of those whose eyes are much younger than mine and who are n't worrying about damaging them : )</tokentext>
<sentencetext>&gt; their site looks like 1990s took a trip to the future and vomited

I echo my sibling's comment in that I have no problem at all with the website's style - I'd far rather have a simplistic straightforward HTML-driven site than some stupid Javascript-redirect-driven graphic-design student project.
This is really important for security-related software distribution sites where it's necessary to be absolutely sure where your downloads are coming from.The site does however have some problems with organisation of content - e.g.
it'd be nice if they followed some more de-facto site-structure conventions like having a "Downloads" link to a page which provides the source tarballs, and states explicitly that there are no binaries available ... and maybe even provides links to the more common Linux distro repositories where binaries may be found, even places where (gasp) Windows binaries can be found .... like http://www.stunnel.org/download/binaries.html [stunnel.org] (the place I always used to go to get my Windows OpenSSL binaries, but which seems a little unmaintained these days) .... or http://www.slproweb.com/products/Win32OpenSSL.html [slproweb.com] (which is a lot more up to date, and professionally organised).
There is an openssl.org page with info about Win32 binaries :
http://www.openssl.org/related/binaries.html [openssl.org]
(which links to the www.slproweb.com site) but it's not easy to find (IMHO).
And then there's the awful documentation, as many others have mentioned.
I'd offer to help out with that if I was half-way crypto-competent enough to do so.But the site's retro style is fine ... the use of colours is restful on the eyes, and avoids use of the stupid 2-point flyspec fonts so beloved of those whose eyes are much younger than mine and who aren't worrying about damaging them :)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661948</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662906</id>
	<title>Re:Geee!</title>
	<author>mandelbr0t</author>
	<datestamp>1269859980000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>To use the Packet Forensics box, a law enforcement or intelligence agency would have to install it inside an ISP, and persuade one of the Certificate Authorities &mdash; using money, blackmail or legal process &mdash; to issue a fake certificate for the targeted website. Then they could capture your username and password, and be able to see whatever transactions you make online.</p></div><p>This is kind of an important paragraph too. Sure, it's possible to make an appliance that does that, but it is not as simple as the FBI (or any other three-letter organization) buying the boxes. There's a serious legal/technical issue that needs to be overcome as well. Sure, warrantless wiretapping might make some of this possible, but to legally force a Certificate Authority to issue a fake certificate? No Certificate Authority worth anything would undermine their integrity in this fashion, and any law that would force them to do so in certain circumstances is effectively giving the government the right to commit forgery in the name of justice. Such a law would be the pinnacle of hypocrisy. Don't get me wrong; I don't underestimate the erosion of freedom in the United States, but I'm having a hard time believing that any government would act with such impunity. I was unable to find any example of a law enforcement agency using forged documents to entrap a suspect, probably because such evidence would not hold up in any court that truly represented justice.</p></div>
	</htmltext>
<tokenext>To use the Packet Forensics box , a law enforcement or intelligence agency would have to install it inside an ISP , and persuade one of the Certificate Authorities    using money , blackmail or legal process    to issue a fake certificate for the targeted website .
Then they could capture your username and password , and be able to see whatever transactions you make online.This is kind of an important paragraph too .
Sure , it 's possible to make an appliance that does that , but it is not as simple as the FBI ( or any other three-letter organization ) buying the boxes .
There 's a serious legal/technical issue that needs to be overcome as well .
Sure , warrantless wiretapping might make some of this possible , but to legally force a Certificate Authority to issue a fake certificate ?
No Certificate Authority worth anything would undermine their integrity in this fashion , and any law that would force them to do so in certain circumstances is effectively giving the government the right to commit forgery in the name of justice .
Such a law would be the pinnacle of hypocrisy .
Do n't get me wrong ; I do n't underestimate the erosion of freedom in the United States , but I 'm having a hard time believing that any government would act with such impunity .
I was unable to find any example of a law enforcement agency using forged documents to entrap a suspect , probably because such evidence would not hold up in any court that truly represented justice .</tokentext>
<sentencetext>To use the Packet Forensics box, a law enforcement or intelligence agency would have to install it inside an ISP, and persuade one of the Certificate Authorities — using money, blackmail or legal process — to issue a fake certificate for the targeted website.
Then they could capture your username and password, and be able to see whatever transactions you make online.This is kind of an important paragraph too.
Sure, it's possible to make an appliance that does that, but it is not as simple as the FBI (or any other three-letter organization) buying the boxes.
There's a serious legal/technical issue that needs to be overcome as well.
Sure, warrantless wiretapping might make some of this possible, but to legally force a Certificate Authority to issue a fake certificate?
No Certificate Authority worth anything would undermine their integrity in this fashion, and any law that would force them to do so in certain circumstances is effectively giving the government the right to commit forgery in the name of justice.
Such a law would be the pinnacle of hypocrisy.
Don't get me wrong; I don't underestimate the erosion of freedom in the United States, but I'm having a hard time believing that any government would act with such impunity.
I was unable to find any example of a law enforcement agency using forged documents to entrap a suspect, probably because such evidence would not hold up in any court that truly represented justice.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663196</id>
	<title>1.0, eh?</title>
	<author>Anonymous</author>
	<datestamp>1269861600000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>So surely that means it's gotten rid of all that certificate nonsense, right?</p></htmltext>
<tokenext>So surely that means it 's gotten rid of all that certificate nonsense , right ?</tokentext>
<sentencetext>So surely that means it's gotten rid of all that certificate nonsense, right?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31664156</id>
	<title>Re:Perl dependency</title>
	<author>Anonymous</author>
	<datestamp>1269866820000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>You can take up issues like this here:<br>http://www.openssl.org/support/rt.html<br>Although I must say that I'm sort of disappointed that it doesn't have a real open bug tracker, like most other projects.</p></htmltext>
<tokenext>You can take up issues like this here : http : //www.openssl.org/support/rt.htmlAlthough I must say that I 'm sort of disappointed that it does n't have a real open bug tracker , like most other projects .</tokentext>
<sentencetext>You can take up issues like this here:http://www.openssl.org/support/rt.htmlAlthough I must say that I'm sort of disappointed that it doesn't have a real open bug tracker, like most other projects.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662120</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663550</id>
	<title>Re:I have great respect for the OpenSSL project...</title>
	<author>Hurricane78</author>
	<datestamp>1269863460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You mean the WINDOWS approach. You know that MS started that &ldquo;trend&rdquo;, and that we all hated it, back then?<br>We still do, for the same reasons.</p><p>Also, software doesn&rsquo;t go stale, so your &ldquo;argument&rdquo; is false. If there is nothing to change, because it is fine as it is, and nobody finds bugs despite searching for them, would you stop using a program, just because it&rsquo;s older??</p><p>The reason MS introduced date version numbers, was to HIDE that actually not much changed, and that a update wasn&rsquo;t worth at all. Because their incomes depended on us buying yet another &ldquo;new&rdquo; version.<br>Now they went back to version numbers.</p><p>The really sad thing is, that the open source desktop groups imitate every little completely retarded change from MS (who itself imitate(d|s) Apple, Xerox and others). But cares, to make it that little bit worse and more annoying. KDE is a perfect example. The Kicker menu, the file browser, etc. You could put a Windows skin on it, rename the menu entries, and you would only know the difference to Windows by which one is more annoying. (Dolphin even still imitates things that MS did in Windows 95, like the single-click interface, and that they realized was a horrible idea, a bit later.)<br>I wish they would grow some balls, stop using the &ldquo;newbie&rdquo; excuse, and show that they can lead the way into something <em>better</em>, instead of guaranteeing to never ever surpass MS, by just imitating every crappy thing from them as a self-enforced eternal bridesmate.</p></htmltext>
<tokenext>You mean the WINDOWS approach .
You know that MS started that    trend    , and that we all hated it , back then ? We still do , for the same reasons.Also , software doesn    t go stale , so your    argument    is false .
If there is nothing to change , because it is fine as it is , and nobody finds bugs despite searching for them , would you stop using a program , just because it    s older ?
? The reason MS introduced date version numbers , was to HIDE that actually not much changed , and that a update wasn    t worth at all .
Because their incomes depended on us buying yet another    new    version.Now they went back to version numbers.The really sad thing is , that the open source desktop groups imitate every little completely retarded change from MS ( who itself imitate ( d | s ) Apple , Xerox and others ) .
But cares , to make it that little bit worse and more annoying .
KDE is a perfect example .
The Kicker menu , the file browser , etc .
You could put a Windows skin on it , rename the menu entries , and you would only know the difference to Windows by which one is more annoying .
( Dolphin even still imitates things that MS did in Windows 95 , like the single-click interface , and that they realized was a horrible idea , a bit later .
) I wish they would grow some balls , stop using the    newbie    excuse , and show that they can lead the way into something better , instead of guaranteeing to never ever surpass MS , by just imitating every crappy thing from them as a self-enforced eternal bridesmate .</tokentext>
<sentencetext>You mean the WINDOWS approach.
You know that MS started that “trend”, and that we all hated it, back then?We still do, for the same reasons.Also, software doesn’t go stale, so your “argument” is false.
If there is nothing to change, because it is fine as it is, and nobody finds bugs despite searching for them, would you stop using a program, just because it’s older?
?The reason MS introduced date version numbers, was to HIDE that actually not much changed, and that a update wasn’t worth at all.
Because their incomes depended on us buying yet another “new” version.Now they went back to version numbers.The really sad thing is, that the open source desktop groups imitate every little completely retarded change from MS (who itself imitate(d|s) Apple, Xerox and others).
But cares, to make it that little bit worse and more annoying.
KDE is a perfect example.
The Kicker menu, the file browser, etc.
You could put a Windows skin on it, rename the menu entries, and you would only know the difference to Windows by which one is more annoying.
(Dolphin even still imitates things that MS did in Windows 95, like the single-click interface, and that they realized was a horrible idea, a bit later.
)I wish they would grow some balls, stop using the “newbie” excuse, and show that they can lead the way into something better, instead of guaranteeing to never ever surpass MS, by just imitating every crappy thing from them as a self-enforced eternal bridesmate.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662118</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663160</id>
	<title>Re:1.0 they finally got it right!</title>
	<author>GuruBuckaroo</author>
	<datestamp>1269861360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>I'm waiting until Service Pack 2.</htmltext>
<tokenext>I 'm waiting until Service Pack 2 .</tokentext>
<sentencetext>I'm waiting until Service Pack 2.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662092</id>
	<title>Interesting....</title>
	<author>Seakip18</author>
	<datestamp>1269856380000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Looking over the changelog, it appears Google sponsored alot of the changes.</p><p>Guess they wanted to make sure openSSL is a good bit more secure, being that it's a hot button issue and all.</p></htmltext>
<tokenext>Looking over the changelog , it appears Google sponsored alot of the changes.Guess they wanted to make sure openSSL is a good bit more secure , being that it 's a hot button issue and all .</tokentext>
<sentencetext>Looking over the changelog, it appears Google sponsored alot of the changes.Guess they wanted to make sure openSSL is a good bit more secure, being that it's a hot button issue and all.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662118</id>
	<title>I have great respect for the OpenSSL project...</title>
	<author>Max Romantschuk</author>
	<datestamp>1269856500000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>0</modscore>
	<htmltext><p>...but when it comes to version numbers I've grown fond of Ubuntu's approach, with month and year as the version. It makes it very simple to tell if you have a fresh or stale copy of something.</p><p>But then again, OpenSSL is a library. Version numbering schemes hardly matter for something like that.</p></htmltext>
<tokenext>...but when it comes to version numbers I 've grown fond of Ubuntu 's approach , with month and year as the version .
It makes it very simple to tell if you have a fresh or stale copy of something.But then again , OpenSSL is a library .
Version numbering schemes hardly matter for something like that .</tokentext>
<sentencetext>...but when it comes to version numbers I've grown fond of Ubuntu's approach, with month and year as the version.
It makes it very simple to tell if you have a fresh or stale copy of something.But then again, OpenSSL is a library.
Version numbering schemes hardly matter for something like that.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662318</id>
	<title>Can't wait for the IPad App!</title>
	<author>goffster</author>
	<datestamp>1269857340000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>0</modscore>
	<htmltext><p>Iphone OS  45.6 ?</p></htmltext>
<tokenext>Iphone OS 45.6 ?</tokentext>
<sentencetext>Iphone OS  45.6 ?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667622</id>
	<title>Re:I have great respect for the OpenSSL project...</title>
	<author>richlv</author>
	<datestamp>1269940200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>er, wait. as a kde user, i'm still on kde3, and i could have many complaints about kde4. but...</p><p>1. kicker is actually very nice. and i'm saying that as a quite conservative user<nobr> <wbr></nobr>:)<br>one *annoying* thing in kde3 version (as per suse) - it opens when mouse is moved in the lower left corner. i hope that thing is at least configurable in kde4, though.</p><p>2. single click is actually good... if implemented correctly (which ms never did, which is one of the main reasons it pretty much died off).<br>and the select/unselect method dolphin provides is extremely cool (even if i use console for my file management needs 95\% of the time) - i find myself missing it when using kde3 daily for some photo sorting.<br>besides, you can set kde to doubleclick - although i don't remember where exactly, i set it to be like that only for the first few months when i switched from windows<nobr> <wbr></nobr>:) (and that was around kde2/3)</p></htmltext>
<tokenext>er , wait .
as a kde user , i 'm still on kde3 , and i could have many complaints about kde4 .
but...1. kicker is actually very nice .
and i 'm saying that as a quite conservative user : ) one * annoying * thing in kde3 version ( as per suse ) - it opens when mouse is moved in the lower left corner .
i hope that thing is at least configurable in kde4 , though.2 .
single click is actually good... if implemented correctly ( which ms never did , which is one of the main reasons it pretty much died off ) .and the select/unselect method dolphin provides is extremely cool ( even if i use console for my file management needs 95 \ % of the time ) - i find myself missing it when using kde3 daily for some photo sorting.besides , you can set kde to doubleclick - although i do n't remember where exactly , i set it to be like that only for the first few months when i switched from windows : ) ( and that was around kde2/3 )</tokentext>
<sentencetext>er, wait.
as a kde user, i'm still on kde3, and i could have many complaints about kde4.
but...1. kicker is actually very nice.
and i'm saying that as a quite conservative user :)one *annoying* thing in kde3 version (as per suse) - it opens when mouse is moved in the lower left corner.
i hope that thing is at least configurable in kde4, though.2.
single click is actually good... if implemented correctly (which ms never did, which is one of the main reasons it pretty much died off).and the select/unselect method dolphin provides is extremely cool (even if i use console for my file management needs 95\% of the time) - i find myself missing it when using kde3 daily for some photo sorting.besides, you can set kde to doubleclick - although i don't remember where exactly, i set it to be like that only for the first few months when i switched from windows :) (and that was around kde2/3)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663550</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</id>
	<title>Geee!</title>
	<author>Philip K Dickhead</author>
	<datestamp>1269855540000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>Just in time for commonplace MiTM spoofing.</p><p><div class="quote"><p>That little lock on your browser window indicating you are communicating securely with your bank or e-mail account may not always mean what you think its means.</p><p>Normally when a user visits a secure website, such as Bank of America, Gmail, PayPal or eBay, the browser examines the website's certificate to verify its authenticity.</p><p>At a recent wiretapping convention, however, security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds. The boxes were designed to intercept those communications -- without breaking the encryption -- by using forged security certificates, instead of the real ones that websites use to verify secure connections. To use the appliance, the government would need to acquire a forged certificate from any one of more than 100 trusted Certificate Authorities.</p><p>The attack is a classic man-in-the-middle attack, where Alice thinks she is talking directly to Bob, but instead Mallory found a way to get in the middle and pass the messages back and forth without Alice or Bob knowing she was there.</p><p>The existence of a marketed product indicates the vulnerability is likely being exploited by more than just information-hungry governments, according to leading encryption expert Matt Blaze, a computer science professor at University of Pennsylvania.</p><p>"If the company is selling this to law enforcement and the intelligence community, it is not that large a leap to conclude that other, more malicious people have worked out the details of how to exploit this," Blaze said.</p></div><p> <a href="http://www.wired.com/threatlevel/2010/03/packet-forensics/" title="wired.com" rel="nofollow">http://www.wired.com/threatlevel/2010/03/packet-forensics/</a> [wired.com]</p></div>
	</htmltext>
<tokenext>Just in time for commonplace MiTM spoofing.That little lock on your browser window indicating you are communicating securely with your bank or e-mail account may not always mean what you think its means.Normally when a user visits a secure website , such as Bank of America , Gmail , PayPal or eBay , the browser examines the website 's certificate to verify its authenticity.At a recent wiretapping convention , however , security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds .
The boxes were designed to intercept those communications -- without breaking the encryption -- by using forged security certificates , instead of the real ones that websites use to verify secure connections .
To use the appliance , the government would need to acquire a forged certificate from any one of more than 100 trusted Certificate Authorities.The attack is a classic man-in-the-middle attack , where Alice thinks she is talking directly to Bob , but instead Mallory found a way to get in the middle and pass the messages back and forth without Alice or Bob knowing she was there.The existence of a marketed product indicates the vulnerability is likely being exploited by more than just information-hungry governments , according to leading encryption expert Matt Blaze , a computer science professor at University of Pennsylvania .
" If the company is selling this to law enforcement and the intelligence community , it is not that large a leap to conclude that other , more malicious people have worked out the details of how to exploit this , " Blaze said .
http : //www.wired.com/threatlevel/2010/03/packet-forensics/ [ wired.com ]</tokentext>
<sentencetext>Just in time for commonplace MiTM spoofing.That little lock on your browser window indicating you are communicating securely with your bank or e-mail account may not always mean what you think its means.Normally when a user visits a secure website, such as Bank of America, Gmail, PayPal or eBay, the browser examines the website's certificate to verify its authenticity.At a recent wiretapping convention, however, security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds.
The boxes were designed to intercept those communications -- without breaking the encryption -- by using forged security certificates, instead of the real ones that websites use to verify secure connections.
To use the appliance, the government would need to acquire a forged certificate from any one of more than 100 trusted Certificate Authorities.The attack is a classic man-in-the-middle attack, where Alice thinks she is talking directly to Bob, but instead Mallory found a way to get in the middle and pass the messages back and forth without Alice or Bob knowing she was there.The existence of a marketed product indicates the vulnerability is likely being exploited by more than just information-hungry governments, according to leading encryption expert Matt Blaze, a computer science professor at University of Pennsylvania.
"If the company is selling this to law enforcement and the intelligence community, it is not that large a leap to conclude that other, more malicious people have worked out the details of how to exploit this," Blaze said.
http://www.wired.com/threatlevel/2010/03/packet-forensics/ [wired.com]
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661938</id>
	<title>Obligatory meme</title>
	<author>Anonymous</author>
	<datestamp>1269855660000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>Be sure to encrypt your Ovaltine!</htmltext>
<tokenext>Be sure to encrypt your Ovaltine !</tokentext>
<sentencetext>Be sure to encrypt your Ovaltine!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667596</id>
	<title>Re:1.0 they finally got it right!</title>
	<author>L4t3r4lu5</author>
	<datestamp>1269939900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It is widely understood that when converting version numbers between closed-source and open-source revision schemes, you should always shift the decimal point one space to the left.<br> <br>ClosedSource 1.0 = OpenSource 0.1</htmltext>
<tokenext>It is widely understood that when converting version numbers between closed-source and open-source revision schemes , you should always shift the decimal point one space to the left .
ClosedSource 1.0 = OpenSource 0.1</tokentext>
<sentencetext>It is widely understood that when converting version numbers between closed-source and open-source revision schemes, you should always shift the decimal point one space to the left.
ClosedSource 1.0 = OpenSource 0.1</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662936</id>
	<title>Re:1.0 they finally got it right!</title>
	<author>c++0xFF</author>
	<datestamp>1269860100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Everybody knows 1.0 of anything is full of bugs.</p></div><p>This is actually changing somewhat, at least when it comes to open source.  Go through the repository for any major Linux distro and note how many pre-1.0 packages there are.  They may be "pre-release," but that doesn't mean that the quality is terrible.</p><p>Remember that an increment in the major version indicates a significant "milestone" of one type or another.  Traditionally, the milestone has been the addition of a major set of features.  But some open-source packages are using it to mean "release quality."  In other words, 1.0 is actually very stable and feature-complete, and that's the milestone that's been achieved to warrant the major-version change.</p><p>That's not to say this is universal.  A well-known example would be KDE 4.0 (please, let's keep flames, trolls, and holy wars to a minimum), which was a huge leap from the 3.x series.  The jump made the major-version change necessary, but everybody admits that it was never ready (nor meant to be ready) for daily use.</p><p>In the commercial world, however, releases mark a money-making milestone: the company can now market a large set of new features to sell!  "Now with more bugs!" should be on the box.  That's why the traditional model of software versions makes you wary of the big 1.0.</p></div>
	</htmltext>
<tokenext>Everybody knows 1.0 of anything is full of bugs.This is actually changing somewhat , at least when it comes to open source .
Go through the repository for any major Linux distro and note how many pre-1.0 packages there are .
They may be " pre-release , " but that does n't mean that the quality is terrible.Remember that an increment in the major version indicates a significant " milestone " of one type or another .
Traditionally , the milestone has been the addition of a major set of features .
But some open-source packages are using it to mean " release quality .
" In other words , 1.0 is actually very stable and feature-complete , and that 's the milestone that 's been achieved to warrant the major-version change.That 's not to say this is universal .
A well-known example would be KDE 4.0 ( please , let 's keep flames , trolls , and holy wars to a minimum ) , which was a huge leap from the 3.x series .
The jump made the major-version change necessary , but everybody admits that it was never ready ( nor meant to be ready ) for daily use.In the commercial world , however , releases mark a money-making milestone : the company can now market a large set of new features to sell !
" Now with more bugs !
" should be on the box .
That 's why the traditional model of software versions makes you wary of the big 1.0 .</tokentext>
<sentencetext>Everybody knows 1.0 of anything is full of bugs.This is actually changing somewhat, at least when it comes to open source.
Go through the repository for any major Linux distro and note how many pre-1.0 packages there are.
They may be "pre-release," but that doesn't mean that the quality is terrible.Remember that an increment in the major version indicates a significant "milestone" of one type or another.
Traditionally, the milestone has been the addition of a major set of features.
But some open-source packages are using it to mean "release quality.
"  In other words, 1.0 is actually very stable and feature-complete, and that's the milestone that's been achieved to warrant the major-version change.That's not to say this is universal.
A well-known example would be KDE 4.0 (please, let's keep flames, trolls, and holy wars to a minimum), which was a huge leap from the 3.x series.
The jump made the major-version change necessary, but everybody admits that it was never ready (nor meant to be ready) for daily use.In the commercial world, however, releases mark a money-making milestone: the company can now market a large set of new features to sell!
"Now with more bugs!
" should be on the box.
That's why the traditional model of software versions makes you wary of the big 1.0.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662068</id>
	<title>Documentation</title>
	<author>Anonymous</author>
	<datestamp>1269856260000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>openssl(1): [STILL INCOMPLETE]<br>ssl(3): [STILL INCOMPLETE]<br>crypto(3): [STILL INCOMPLETE]<br>HOWTO: [STILL INCOMPLETE]</p><p>I would trade in the last 12 months worth of OpenSSL development for some decent documentation.  [STILL INCOMPLETE] is a half truth as well; the complete bits suck in novel ways.</p></htmltext>
<tokenext>openssl ( 1 ) : [ STILL INCOMPLETE ] ssl ( 3 ) : [ STILL INCOMPLETE ] crypto ( 3 ) : [ STILL INCOMPLETE ] HOWTO : [ STILL INCOMPLETE ] I would trade in the last 12 months worth of OpenSSL development for some decent documentation .
[ STILL INCOMPLETE ] is a half truth as well ; the complete bits suck in novel ways .</tokentext>
<sentencetext>openssl(1): [STILL INCOMPLETE]ssl(3): [STILL INCOMPLETE]crypto(3): [STILL INCOMPLETE]HOWTO: [STILL INCOMPLETE]I would trade in the last 12 months worth of OpenSSL development for some decent documentation.
[STILL INCOMPLETE] is a half truth as well; the complete bits suck in novel ways.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662256</id>
	<title>Re:Geee!</title>
	<author>Enleth</author>
	<datestamp>1269857040000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>The issue is the one of encryption vs. authentication vs. both at the same time, and the fact that SSL/TLS was designed to provide both at the same time only, without any sane way to provide just one of those things at a time, as opposed to, e.g., PGP.</p><p>I'm no cryptographer, just a part-time server administrator (and other things too, but this is irrelevant), but my experience, together with plain, old common sense tells me that things would be much easier for both administrators and security guys (is there a proper name for them?) if the concepts of data encryption on the wire and authentication of the other party were separated both in protocol and implementation. Besides the obvious benefit of being able to encrypt the connection without those silly, cartel-provided certificates (even without indicating anything at all to the user, so they don't get a false sense of having more security in place than there is, default encryption of the most popular protocols would do much to thwart all but the most determined wiretapping and eavesdropping attempts), such a separation into two distinct technologies should make it a lot harder to break both things at the same time, and a lot easier to fix any single one of them that someone managed to break without affecting the other.</p><p>Of course I could be wrong, and even if I'm not, there's too much inertia in technology and too much money in the SLL certificate cartels for anything to change in this direction, but at least I still have my right to rant a little bit.</p></htmltext>
<tokenext>The issue is the one of encryption vs. authentication vs. both at the same time , and the fact that SSL/TLS was designed to provide both at the same time only , without any sane way to provide just one of those things at a time , as opposed to , e.g. , PGP.I 'm no cryptographer , just a part-time server administrator ( and other things too , but this is irrelevant ) , but my experience , together with plain , old common sense tells me that things would be much easier for both administrators and security guys ( is there a proper name for them ?
) if the concepts of data encryption on the wire and authentication of the other party were separated both in protocol and implementation .
Besides the obvious benefit of being able to encrypt the connection without those silly , cartel-provided certificates ( even without indicating anything at all to the user , so they do n't get a false sense of having more security in place than there is , default encryption of the most popular protocols would do much to thwart all but the most determined wiretapping and eavesdropping attempts ) , such a separation into two distinct technologies should make it a lot harder to break both things at the same time , and a lot easier to fix any single one of them that someone managed to break without affecting the other.Of course I could be wrong , and even if I 'm not , there 's too much inertia in technology and too much money in the SLL certificate cartels for anything to change in this direction , but at least I still have my right to rant a little bit .</tokentext>
<sentencetext>The issue is the one of encryption vs. authentication vs. both at the same time, and the fact that SSL/TLS was designed to provide both at the same time only, without any sane way to provide just one of those things at a time, as opposed to, e.g., PGP.I'm no cryptographer, just a part-time server administrator (and other things too, but this is irrelevant), but my experience, together with plain, old common sense tells me that things would be much easier for both administrators and security guys (is there a proper name for them?
) if the concepts of data encryption on the wire and authentication of the other party were separated both in protocol and implementation.
Besides the obvious benefit of being able to encrypt the connection without those silly, cartel-provided certificates (even without indicating anything at all to the user, so they don't get a false sense of having more security in place than there is, default encryption of the most popular protocols would do much to thwart all but the most determined wiretapping and eavesdropping attempts), such a separation into two distinct technologies should make it a lot harder to break both things at the same time, and a lot easier to fix any single one of them that someone managed to break without affecting the other.Of course I could be wrong, and even if I'm not, there's too much inertia in technology and too much money in the SLL certificate cartels for anything to change in this direction, but at least I still have my right to rant a little bit.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31671314</id>
	<title>Re:I have great respect for the OpenSSL project...</title>
	<author>Anonymous</author>
	<datestamp>1269966060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>...but when it comes to version numbers I've grown fond of Ubuntu's approach, with month and year as the version. It makes it very simple to tell if you have a fresh or stale copy of something.</p></div><p>But<nobr> <wbr></nobr>... that's what they did?<nobr> <wbr></nobr>... just remove the dot and from 1.0<nobr> <wbr></nobr>... and you get?</p></div>
	</htmltext>
<tokenext>...but when it comes to version numbers I 've grown fond of Ubuntu 's approach , with month and year as the version .
It makes it very simple to tell if you have a fresh or stale copy of something.But ... that 's what they did ?
... just remove the dot and from 1.0 ... and you get ?</tokentext>
<sentencetext>...but when it comes to version numbers I've grown fond of Ubuntu's approach, with month and year as the version.
It makes it very simple to tell if you have a fresh or stale copy of something.But ... that's what they did?
... just remove the dot and from 1.0 ... and you get?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662118</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661946</id>
	<title>Release announcement and changelog</title>
	<author>molo</author>
	<datestamp>1269855660000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p><a href="http://marc.info/?l=openssl-announce&amp;m=126987886907671&amp;w=2" title="marc.info">http://marc.info/?l=openssl-announce&amp;m=126987886907671&amp;w=2</a> [marc.info]</p><p><a href="http://www.openssl.org/source/exp/CHANGES" title="openssl.org">http://www.openssl.org/source/exp/CHANGES</a> [openssl.org]</p><p>-molo</p></htmltext>
<tokenext>http : //marc.info/ ? l = openssl-announce&amp;m = 126987886907671&amp;w = 2 [ marc.info ] http : //www.openssl.org/source/exp/CHANGES [ openssl.org ] -molo</tokentext>
<sentencetext>http://marc.info/?l=openssl-announce&amp;m=126987886907671&amp;w=2 [marc.info]http://www.openssl.org/source/exp/CHANGES [openssl.org]-molo</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662246</id>
	<title>Please please keep a stable ABI</title>
	<author>Anonymous</author>
	<datestamp>1269857040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>OpenSSL has until now had the least stable ABI of all commonly used Unix libraries. Having to upgrade half the system for a change from 0.98f to 0.98g is rather sad. Especially when bug fixes come with ABI changes.</p></htmltext>
<tokenext>OpenSSL has until now had the least stable ABI of all commonly used Unix libraries .
Having to upgrade half the system for a change from 0.98f to 0.98g is rather sad .
Especially when bug fixes come with ABI changes .</tokentext>
<sentencetext>OpenSSL has until now had the least stable ABI of all commonly used Unix libraries.
Having to upgrade half the system for a change from 0.98f to 0.98g is rather sad.
Especially when bug fixes come with ABI changes.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030</id>
	<title>1.0  they finally got it right!</title>
	<author>Tiger4</author>
	<datestamp>1269856080000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>Now that the first version is finally in relaase, how long before the first set of changes hits?   Everybody knows 1.0 of anything is full of bugs.</p><p>And on a more serious note, did anyone ever publish a specification of what a 1.0 release should have in it?  Or is this somewhere between "declare victory" and "declare exhaustion"?</p></htmltext>
<tokenext>Now that the first version is finally in relaase , how long before the first set of changes hits ?
Everybody knows 1.0 of anything is full of bugs.And on a more serious note , did anyone ever publish a specification of what a 1.0 release should have in it ?
Or is this somewhere between " declare victory " and " declare exhaustion " ?</tokentext>
<sentencetext>Now that the first version is finally in relaase, how long before the first set of changes hits?
Everybody knows 1.0 of anything is full of bugs.And on a more serious note, did anyone ever publish a specification of what a 1.0 release should have in it?
Or is this somewhere between "declare victory" and "declare exhaustion"?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31670516</id>
	<title>NSS</title>
	<author>kriston</author>
	<datestamp>1269963600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Thing is, Red Hat and friends stopped waiting and already moved to NSS over three years ago.  <a href="http://en.wikipedia.org/wiki/Network\_Security\_Services" title="wikipedia.org">http://en.wikipedia.org/wiki/Network\_Security\_Services</a> [wikipedia.org]</p></htmltext>
<tokenext>Thing is , Red Hat and friends stopped waiting and already moved to NSS over three years ago .
http : //en.wikipedia.org/wiki/Network \ _Security \ _Services [ wikipedia.org ]</tokentext>
<sentencetext>Thing is, Red Hat and friends stopped waiting and already moved to NSS over three years ago.
http://en.wikipedia.org/wiki/Network\_Security\_Services [wikipedia.org]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661844</id>
	<title>First post, shitheads!</title>
	<author>Anonymous</author>
	<datestamp>1269855180000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>-1</modscore>
	<htmltext><p>yeah!!</p></htmltext>
<tokenext>yeah !
!</tokentext>
<sentencetext>yeah!
!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663376</id>
	<title>Re:Geee!</title>
	<author>Hurricane78</author>
	<datestamp>1269862620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Bank?? Website??<br>What is this? The dark ages?</p><p>Get yourself some <a href="http://en.wikipedia.org/wiki/FinTS" title="wikipedia.org">FinTS</a> [wikipedia.org] client! (And a bank that offers it. Every bank that doesn&rsquo;t, is a fraud anyway.)</p></htmltext>
<tokenext>Bank ? ?
Website ? ? What is this ?
The dark ages ? Get yourself some FinTS [ wikipedia.org ] client !
( And a bank that offers it .
Every bank that doesn    t , is a fraud anyway .
)</tokentext>
<sentencetext>Bank??
Website??What is this?
The dark ages?Get yourself some FinTS [wikipedia.org] client!
(And a bank that offers it.
Every bank that doesn’t, is a fraud anyway.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668106</id>
	<title>Re:Geee!</title>
	<author>muckracer</author>
	<datestamp>1269946620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt; the article really boils down to is that SSL is useless if the client and server<br>&gt; can't trust the certificate authority. Which should be freaking obvious.</p><p>Yet we all do!</p></htmltext>
<tokenext>&gt; the article really boils down to is that SSL is useless if the client and server &gt; ca n't trust the certificate authority .
Which should be freaking obvious.Yet we all do !</tokentext>
<sentencetext>&gt; the article really boils down to is that SSL is useless if the client and server&gt; can't trust the certificate authority.
Which should be freaking obvious.Yet we all do!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662322</parent>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667622
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663550
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662118
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31666368
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662906
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662936
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663376
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663382
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662256
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667428
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663686
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662246
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31671314
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662118
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31664156
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662120
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667596
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662354
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31665496
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661948
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668106
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662322
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667798
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662906
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661954
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661864
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663392
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661952
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668064
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663160
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662868
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662256
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_29_1952215_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663018
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662120
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661864
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661954
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661938
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662030
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662936
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667596
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663160
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661916
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668064
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663376
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662354
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662906
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667798
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31666368
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662256
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663382
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662868
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662322
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668106
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667428
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661902
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662118
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663550
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31667622
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31671314
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661952
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663392
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661976
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662120
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31664156
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663018
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662246
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31663686
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662440
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31668004
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31661948
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31665496
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_29_1952215.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_29_1952215.31662068
</commentlist>
</conversation>
