Tanja Lange <[email protected]> writes: >Maybe it just was a rethorical quations, but here is a quick brain dump, >sorry if I missed anybody's favoite:
All of those are implementation errors: - If you implement known-broken crypto, it's an implementation error. - If you implement RSA with too-short keys, it's an implementation error. - If your implementation chooses weak primes for RSA, it's an implementation error. - If you get RSA padding wrong, it's an implementation error. More generally, if you implement crypto badly, it's an implementation error. For example if I implement RSA with p = q, that's a (pretty bad) implementation error. Peter. _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
