In message <[EMAIL PROTECTED]>, Michael Paul Johnson writes:
>
>To put this suggestion into perspective, consider that in the real
>world, pure cipher strength is rarely the weakest link in the security
>chain, provided that a reasonable key length and cipher are chosen.
>Having done that, go for it if you still think you can afford the extra
>time, space, and key management with (probably) no measurable increase
>in overall system security.
Precisely. What is the *real* threat model?
History does indeed show that believed-secure ciphers may not be, and
that we do indeed need a safety margin. But history shows even more
strongly that there are many better ways to the plaintext, and that's
the real goal.
--Steve Bellovin