On Thu, Jan 31, 2008 at 04:07:03PM +0100, Guus Sliepen wrote: > > Peter sent us his write-up up via private email a few days before he > posted it to this list (which got it on Slashdot). I had little time to > think about the issues he mentioned before his write-up became public. > When it did, I (and others too) felt attacked in a cruel way. Peter > ignored all the reasons *why* we used the kind of crypto we did at > that moment, compared it to a very high standard, and made it feel like > every thing we didn't do or didn't do as well as SSL made our crypto > worthless.
There is no valid reason to ship snake oil cryptography (at any moment). There is no standard but a high standard which is appropriate for comparison. Since SSL was already available, there was no excuse to do anything worse. It seems that you still don't understand those things, or you would not complain about them even at this far removed date. How unfortunate. Thor --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]