On Jun 15, 2015 4:24 AM, "Johannes Merkle" <[email protected]> wrote: > > Watson Ladd schrieb am 12.06.2015 um 22:36: > > The reality is that most people invited don't care about security, but the appearence of security. This was very > > explicit when the Brainpool guy was complaining about Tanja Lange's article and blamed the problems with standards on > > incompetent implementors. > > This statement of yours is utterly wrong and comes close to an insult. How can you deliver such a judgment when you > haven't even talked to these people?
Unfortunately there isn't a transcript of the proceedings that I've found, so I'll have to rely on my fallible memory. But I distinctly recall complaining about Tanja's article at the second panel. Not complaints about its accuracy, but that its publication put unjustified suspicion on Brainpool. In fact during the weekend I heard almost as much about "trust" as security, with a great deal of discussion about how NIST needs to restore trust, etc. but very little about NIST needs to help ensure security. The second exchange blamed the security issues with ECC on incompetent implementors. This sounds good, but ignores the reality: over the past year and a half there have been critical bugs in many TLS stacks resulting from the sort of flaws Curve 25519 was designed to deal with. I only heard one presentation mention this fact. Does blaming incompetent implementors come close to dealing with this situation? The fact is that Internet crypto is mostly software and mostly nonexistent. Hardware makes for a tiny fraction of TLS clients, slightly higher for servers. The idea that Heartbleed will lead to everyone rushing out and purchasing EAL4+ TLS termination hardware ignores the reasons why OpenSSL is used in the first place. If the participants were actually focused on improving the security of Internet traffic they would focus on understanding why crypto implementations have problems, and why these problems persist. Sincerely, Watson Ladd > > -- > Johannes
_______________________________________________ Curves mailing list [email protected] https://moderncrypto.org/mailman/listinfo/curves
