On Jan 31, 2008, at 4:07 PM, Guus Sliepen wrote:
I hope that in the future, if you see an application doing something
wrong, you don't immediately give the developers the soundwave
therapy.
The wider point of Peter's writeup -- and of the therapy -- is that
developers working on security tools should _know_ they're working in
a notoriously, infamously hard field where the odds are
_overwhelmingly_ against them if they choose to engineer new solutions.
With such understanding, no competent developer should ever set out to
build new cryptosystems unless he can explain, point by point, why his
needs cannot be met by existing, vetted systems. That explanation
should ideally be made public for dissection by the community.
--
Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]