[cryptography] preventing protocol failings
coderman at gmail.com
Tue Jul 5 02:35:23 EDT 2011
On Mon, Jul 4, 2011 at 11:11 PM, Jon Callas <jon at callas.org> wrote:
> Yeah, sure. I agree completely.
no you don't ;)
> How can I use this principle as a touchstone to let me know the right thing to do. I suppose we could consider it a rule of thumb instead, but that flies in the face of making it "Gospel."
what are the good reasons for options that don't include:
- backwards compatibility
- intentional crippling (export restrictions)
- patents or other license restrictions
- interoperability with others
there may be a pragmatic need for options dealing with existing
systems or business requirements, however i have yet to hear a
convincing argument for why options are necessary in any new system
where you're able to apply lessons learned from past mistakes.
> You're writing an S/MIME system...
well there's your problem right there!
as for formal verification, i agree completely.
More information about the cryptography