On Nov 1, 2012, at 11:00 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:

> On 11/01/2012 05:22 PM, Phillip Hallam-Baker wrote:
>> Having worked in Web security over 20 years now, I have still to see a case
>> where a system was breached because of a really subtle design flaw. 
> Bleichenbacher?

Maybe. By the time Bleichenbacher was actually an issue, a number of us had 
been screaming for years. I suppose you can say that it was really subtle 
because the people concerned about it weren't listened to. But that has its own 
ick factor, too. Everything that people don't believe is subtle. Is it subtle 
that you shouldn't be using 1024 bit RSA keys? 512?


therightkey mailing list

Reply via email to