On Jan 31, 2008, at 4:07 PM, Guus Sliepen wrote:
I hope that in the future, if you see an application doing something
wrong, you don't immediately give the developers the soundwave therapy.

The wider point of Peter's writeup -- and of the therapy -- is that developers working on security tools should _know_ they're working in a notoriously, infamously hard field where the odds are _overwhelmingly_ against them if they choose to engineer new solutions.

With such understanding, no competent developer should ever set out to build new cryptosystems unless he can explain, point by point, why his needs cannot be met by existing, vetted systems. That explanation should ideally be made public for dissection by the community.

Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to