paulson [Wed, 18 Jun 1997 15:31:31 +0200] rev 3446
Addition of not_imp (which pushes negation into implication) as a default
simprule
paulson [Wed, 18 Jun 1997 15:30:32 +0200] rev 3445
Corrected Title in header lines
paulson [Wed, 18 Jun 1997 15:28:03 +0200] rev 3444
Streamlined proofs of the secrecy of NB and added authentication of A and B
paulson [Wed, 18 Jun 1997 15:24:21 +0200] rev 3443
Removed Says_Crypt_lost and Says_Crypt_not_lost.
Installed not_lost_tac. Deleted unused theorems initState_subset and seesD
paulson [Wed, 18 Jun 1997 15:23:29 +0200] rev 3442
Removed Says_Crypt_lost and Says_Crypt_not_lost.
Installed not_lost_tac
paulson [Wed, 18 Jun 1997 15:21:30 +0200] rev 3441
Adapted proofs to the removal of Says_Crypt_lost and Says_Crypt_not_lost
paulson [Wed, 18 Jun 1997 15:19:37 +0200] rev 3440
Deleted spurious reference to Spy_not_see_NB, which by chance was defined
in Yahalom.ML\!
nipkow [Tue, 17 Jun 1997 09:01:56 +0200] rev 3439
converse -> ^-1
paulson [Mon, 16 Jun 1997 14:25:33 +0200] rev 3438
Type constraint added to ensure that "length" refers to lists. Maybe should
not be needed, but the translation length->size happens irrespective of types
paulson [Mon, 16 Jun 1997 14:24:11 +0200] rev 3437
Replacing the primrec definition of "length" by a translation to the built-in
"size" function
nipkow [Fri, 13 Jun 1997 10:35:13 +0200] rev 3436
Tuned wf_iff_no_infinite_down_chain proof, based on Konrads ideas.
Added selectI2EX.
mueller [Fri, 13 Jun 1997 10:04:37 +0200] rev 3435
changed compatible definition;
mueller [Thu, 12 Jun 1997 16:48:03 +0200] rev 3434
added deadlock
mueller [Thu, 12 Jun 1997 16:47:15 +0200] rev 3433
added deadlock freedom, polished definitions and proofs
paulson [Mon, 09 Jun 1997 10:21:38 +0200] rev 3432
Strengthened and streamlined the Yahalom proofs
paulson [Mon, 09 Jun 1997 10:21:05 +0200] rev 3431
Useful new lemma