Keys not trusted
John A. Martin
jam@jamux.com
Fri May 16 21:56:02 2003
--=-=-=
Content-Transfer-Encoding: quoted-printable
>>>>> "ds" =3D=3D David Shaw "Re: Keys not trusted"
>>>>> Fri, 16 May 2003 11:55:36 -0400
ds> On Fri, May 16, 2003 at 08:16:06AM +0200, Adrian
ds> 'Dagurashibanipal' von Bidder wrote:
>> On Friday 16 May 2003 03:54, David Shaw wrote:
>>
>> > It's one of those eternal questions whether it is better if a
>> > system is perfectly secure, but not many people use it, or if
>> > it is less secure, and many people use it. One way to put
>> > this is to ask whether it is better to encrypt and be
>> > vulnerable to a man in the middle attack... or to not encrypt
>> > and be vulnerable to everything ;)
>>
>> I guess for some the big is that the people using a
>> security-made-easy system
[...]
>> when the first attack comes that uses this
[...]
>> will yell
ds> Yes, this is absolutely true. I'm not sure what the answer is
ds> for that except perhaps education... and we all know that
ds> users don't read the manuals ;)
We lock flimsy doors with weak locks so that it becomes _breaking and
entering_ when someone enters by forcing a door.
jam
--=-=-=
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
iD8DBQA+xUKAUEvv1b/iXy8RAsBbAKCarLq6nEvlupGx9YJDuAKT0/TXiQCfXu56
6oxxpT2SnyPsrWpCo9Qwfjo=
=2+QT
-----END PGP SIGNATURE-----
--=-=-=--