> From: lrk <[EMAIL PROTECTED]>
> Sent: Aug 6, 2004 1:04 PM
> To: "R. A. Hettinga" <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: Cryptography and the Open Source Security Debate

...
> More dangerous is a key generator which deliberately produces keys which
> are easy to factor by someone knowing a secret. These should be found
> in open source but I suggest many reviewers could miss this and again the
> "group think" would probably cause most not to even look.

So, how many people on this list have actually looked at the PGP key generation code 
in any depth?  Open source makes it possible for people to look for security holes, 
but it sure doesn't guarantee that anyone will do so, especially anyone who's at all 
good at it.

--John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to