Below...

Wes Noonan, MCSE/MCT/CCNA/NNCSS
Senior QA Rep.
BMC Software, Inc.
(713) 918-2412
[EMAIL PROTECTED]
http://www.bmc.com

 -----Original Message-----
From:   [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent:   Monday, February 12, 2001 15:45
To:     Noonan, Wesley; [EMAIL PROTECTED]
Subject:        RE: Squid and Samba


Wesley,

>#Because they won't divulge their code?? I hardly view this as suspect. Last
>#thing I want is for people to know how I encrypt/authenticate something.

>An encryption algorithm should never count on obscurity to keep information
>protected.  The algorithm and implementation should be unbreakable by
>anything but brute force or a new development in mathematics or it is
>flawed.  This means that releasing anything but the actual keys should not
>result in the process being compromised.  I do want everyone to know how I
>encrypt/authenticate something, that way the smarter people in the
>cryptographic community can point out broken things that I missed.

This is the third time this point has been raised (and the first real good
point IMHO), and I will publicly reply just to make it easy (so stop
emailing me on this one :)).

Perhaps my choice of words "divulge their code" was bad, and my choice of
"how I encrypt/authenticate something" was incredibly oversimplified, and
thus flawed. The point about the algorithm is an absolutely valid one, to
which I have no great rebuttal. In fact, I quite agree. I think W2K makes
some good steps forward (Kerberos), but at the time takes some good steps
backwards (EFS). In short, it is too early to say the walk is done, but I
think we can say, overall, they are walking forward (albeit slower than
many of us, myself included, would like).

Regardless, it is good to be back to discussing non-subjective statements
(Linux sucks/Microsoft sucks).
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
