[cryptography] preventing protocol failings

Jon Callas jon at callas.org
Tue Jul 5 03:26:17 EDT 2011

On Jul 4, 2011, at 11:35 PM, coderman wrote:

> On Mon, Jul 4, 2011 at 11:11 PM, Jon Callas <jon at callas.org> wrote:
>> ...
>> Yeah, sure. I agree completely.
> no you don't ;)

Actually I do. I also believe in truth and justice and beauty, too. And simplicity. I just value actionable, as well.

>> How can I use this principle as a touchstone to let me know the right thing to do. I suppose we could consider it a rule of thumb instead, but that flies in the face of making it "Gospel."
> what are the good reasons for options that don't include:
> - backwards compatibility
> - intentional crippling (export restrictions)
> - patents or other license restrictions
> - interoperability with others
> ?
> there may be a pragmatic need for options dealing with existing
> systems or business requirements, however i have yet to hear a
> convincing argument for why options are necessary in any new system
> where you're able to apply lessons learned from past mistakes.

Pragmatic. That's what I'm talking about pragmatism. It's not pragmatic to go write a new protocol all the time. Especially if the time to create one with no known flaws is longer than the time to find a flaw.

>> You're writing an S/MIME system...
> well there's your problem right there!

Hey, you mentioned backwards compatibility, yourself.


More information about the cryptography mailing list