> > From a security point of view, why should anyone download any plug-in 
> > from an unknown party?  In this very specific case, why should someone 
> > download a a plug-in that by its own description is playing around in 
> > the crypto arena.
> 
> I think this is a problem for all open source projects.  

Delete the words "open source" from the sentence above and I'll agree.

Cheers,

        Stefan.
-------------------------------------------------------
Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de
-------------------------------------------------------
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to