Hi! On Thu, Jul 11, 2013 at 3:32 AM, danimoth <[email protected]> wrote: > If yes, ask yourself why *crypto design schemes and implementations are > open and widely known, and only keys are secret.
As I wrote. You can have client code which does crypto open source, but server side does not need to be open source. In fact this is an argument for my position about central server: if crypto is done properly on the client, it should not matter if the server is open source or not - messages are still secure. And this is my whole argument: that if the client is done properly, you don't have to think how the server is implemented for security. >> centralized > > Another ideological argument? Do I need to cite wikipedia? Or "SPOF" is > enough? But you might have to think about availability, yes. But security of messages content, this is probably doable even with central server. As I wrote, the issue I am having is about meta-data - who is sending to who. This is problematic with central server. Not the messages themselves. BTW, messages could also be send directly and central server could be used just for signaling between clients. We really don't know anything about the architecture at this point. What I am saying that there are also some valid schemes involving central server, where source code of the central server does not have to be open source that you can make some claims about security properties of the system. Yes, it might be better that it is open source, but it might not be required to be able to know the security properties. Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
