> The wider point of Peter's writeup -- and of the therapy -- is that 
> developers working on security tools should _know_ they're working in 
> a notoriously, infamously hard field where the odds are 
> _overwhelmingly_ against them if they choose to engineer new solutions.

Developers working in almost any field should know the history and best 
practices -- is PGP's original "bass o matic" any more important than the 
code in a defibrillator? -- but this is not the way our field works right 
now.  Compare it to something like civil engineering or architecture.

Until we get to that point -- and we may never got there, nor want to -- 
it is probably better to act as mentors than, say, pricks. :)  I thought 
Peter's soundwave idea was kinda funny, and hopefully lessened the sting. 
Guus's note should recommended reading on a regular basis.

If we want to spread the use of crypto, perhaps we should be nicer to 
those who are also trying to do the same thing albeit poorly.


STSM, DataPower Chief Programmer
WebSphere DataPower SOA Appliances

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to