[EMAIL PROTECTED] wrote:
From a security point of view, this is really bad. From a usability
point of
view, it's necessary.
I agree with all the above, including deleted.
The solution is to let the HCI people into the
design
process, something that's very rarely, if ever, done in the security
field [0].
To jump up and down ... if that was the solution, it would
have been done by now :)
I would instead state that the solution was whatever Skype
and SSH did. And the opposite of whatever IPSec, SSL,
Clipper, S/MIME, DRM, and all the other failures did.
HCI was one of the things, but others were as important:
lack of open critique, service-before-security,
crypto-for-free, total solution, narrow problem, etc.
iang
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
