Lucky Green writes:
> OpenSSL is a library. It should support whatever the standard supports and
> whatever users and/or authors of the lib desire to be in the lib. That may
> include broken or null-ciphers. But the user should have to take positive
> action to get at the broken ciphers. I believe by default, OpenSSL should
> ship with the weak ciphers disabled. And there should be a clear warning:
> "Not secure, don't fool yourself, do not use, etc]".
>
> Offering ROT-13 in a library you one maintains is one thing.
That's it! Include a whole range of ciphers, all the way from ROT-13
through Caesar through Enigma through an exportable 40-bit code
through DES through IDEA through blowfish. Make it clear that the
security one gets is the security one chooses, and include an analysis
of the history and security of the various ciphers.
I mean, it's foolish to impose your threat model on other people, just
as it would be foolish for someone with a higher threat model impose
her security requirements on you. I mean, one high threat model says
"No back channels", so all data must travel through a hardware one-way
interface. No. Would you like to be told that your chosen level of
security is insufficient for that threat model, therefore you must
take special steps to enable a cipher sufficient for your threat model?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
