nipkow [Thu, 26 Jun 1997 10:43:15 +0200] rev 3461
amdI -> admI2
nipkow [Thu, 26 Jun 1997 10:42:50 +0200] rev 3460
Tuned Franz's proofs.
paulson [Mon, 23 Jun 1997 11:33:59 +0200] rev 3459
Removal of structure Context and its replacement by a theorem list of
congruence rules for use in CONTEXT_REWRITE_RULE (where definitions are
processed)
paulson [Mon, 23 Jun 1997 11:30:35 +0200] rev 3458
Removal of COND_CONG, which is just if_cong RS eq_reflection
paulson [Mon, 23 Jun 1997 10:42:03 +0200] rev 3457
Ran expandshort
paulson [Mon, 23 Jun 1997 10:35:49 +0200] rev 3456
New "congs" keyword for recdef theory section
wenzelm [Fri, 20 Jun 1997 13:19:31 +0200] rev 3455
removed old Makefile;
wenzelm [Fri, 20 Jun 1997 11:37:53 +0200] rev 3454
removed;
wenzelm [Fri, 20 Jun 1997 11:34:05 +0200] rev 3453
removed old Makefile;
wenzelm [Fri, 20 Jun 1997 11:19:39 +0200] rev 3452
removed old Makefile and compat files;
paulson [Thu, 19 Jun 1997 11:31:14 +0200] rev 3451
Made proofs more concise by replacing calls to spy_analz_tac by uses of
analz_insert_eq in rewriting
paulson [Thu, 19 Jun 1997 11:28:55 +0200] rev 3450
Proof tidying and variable renaming (NA->na, NB->nb when of type msg)
paulson [Thu, 19 Jun 1997 11:24:37 +0200] rev 3449
New comments; a tidied proof
paulson [Thu, 19 Jun 1997 11:23:31 +0200] rev 3448
Two new rewrite rules--NOT included by default\!
paulson [Wed, 18 Jun 1997 15:38:35 +0200] rev 3447
Defines KeyWithNonce, which is used to prove the secrecy of NB
paulson [Wed, 18 Jun 1997 15:31:31 +0200] rev 3446
Addition of not_imp (which pushes negation into implication) as a default
simprule
paulson [Wed, 18 Jun 1997 15:30:32 +0200] rev 3445
Corrected Title in header lines
paulson [Wed, 18 Jun 1997 15:28:03 +0200] rev 3444
Streamlined proofs of the secrecy of NB and added authentication of A and B
paulson [Wed, 18 Jun 1997 15:24:21 +0200] rev 3443
Removed Says_Crypt_lost and Says_Crypt_not_lost.
Installed not_lost_tac. Deleted unused theorems initState_subset and seesD
paulson [Wed, 18 Jun 1997 15:23:29 +0200] rev 3442
Removed Says_Crypt_lost and Says_Crypt_not_lost.
Installed not_lost_tac
paulson [Wed, 18 Jun 1997 15:21:30 +0200] rev 3441
Adapted proofs to the removal of Says_Crypt_lost and Says_Crypt_not_lost
paulson [Wed, 18 Jun 1997 15:19:37 +0200] rev 3440
Deleted spurious reference to Spy_not_see_NB, which by chance was defined
in Yahalom.ML\!
nipkow [Tue, 17 Jun 1997 09:01:56 +0200] rev 3439
converse -> ^-1
paulson [Mon, 16 Jun 1997 14:25:33 +0200] rev 3438
Type constraint added to ensure that "length" refers to lists. Maybe should
not be needed, but the translation length->size happens irrespective of types
paulson [Mon, 16 Jun 1997 14:24:11 +0200] rev 3437
Replacing the primrec definition of "length" by a translation to the built-in
"size" function
nipkow [Fri, 13 Jun 1997 10:35:13 +0200] rev 3436
Tuned wf_iff_no_infinite_down_chain proof, based on Konrads ideas.
Added selectI2EX.
mueller [Fri, 13 Jun 1997 10:04:37 +0200] rev 3435
changed compatible definition;
mueller [Thu, 12 Jun 1997 16:48:03 +0200] rev 3434
added deadlock
mueller [Thu, 12 Jun 1997 16:47:15 +0200] rev 3433
added deadlock freedom, polished definitions and proofs
paulson [Mon, 09 Jun 1997 10:21:38 +0200] rev 3432
Strengthened and streamlined the Yahalom proofs
paulson [Mon, 09 Jun 1997 10:21:05 +0200] rev 3431
Useful new lemma
wenzelm [Fri, 06 Jun 1997 21:49:47 +0200] rev 3430
eliminated non-ASCII;