On Mon, Apr 23, 2001 at 07:48:40PM -0400, Leonard Rosenthol wrote:
> At 03:57 PM 4/23/2001 -0700, Aaron Lehmann wrote:
> >On Mon, Apr 23, 2001 at 01:00:28PM -0700, WJCarpenter wrote:
> > > 1. Parity-match with other WPs which have a built-in protection
> > > scheme.
> >
> >That security is no security. Especially since we are open source. See
> >http://www.tuxedo.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/x268.html,
> >near the bottom.
>
> I haven't read what ESR wrote, but having an open source product
> do crypto is a GOOD THING! Otherwise, you have "security through
> obscurity", and that's no security at all.
>
The key word is "other WP's". Their encryption is laughable and
depends on obscurity.
