On 2013-11-03 12:43, Christoph Lohmann wrote:
> Use ssh, it’s all there. The deployment vs. suck rate is too low in com‐
> parison to what could go wrong implementing such a critical feature
> in an insecure way.
I agree about the last point, but I'm not sure deployment should factor
into it (although maybe your point was about the lack of eyes-on that
new crypto stuff has). My feelings are:
- Software that you do not properly understand will inevitably suck;
- I understand that I do not understand cryptography well enough to
write a proper SSH alternative;
- Therefore, any cryptography software I write will inevitably suck, so
I don't write cryptography software.
Cryptography is an especially bad place to write sucky software in,
since the implications can be much worse than the sudden realisation
that the program sucks. It's much worse that you don't realise it sucks
when it actually does.
Cryptography is a niche. Let the cryptographers do their business, I am
not knowledgeable enough to say what sucks and does not suck in that
arena (other than saying that OpenSSL is one of the worst pieces of shit
I have ever had to deal with, but that's a comment on their design, not
their cryptography. I have heard their code is equally as crappy -- it
certainly looks that way, but I will leave that to those more
knowledgeable in that area to decide).
- application/pgp-signature attachment: stored
Received on Sun Nov 03 2013 - 12:54:41 CET