Mmm, mail misfire. Apologies. I'd say "I'm better than that", but apparently, I'm not.
-wps On Jan 31, 2012, at 1:50 PM, Bill Squier wrote: > On 01/31/2012 05:21 AM, ianG wrote: >> >> major software product that still calls self-signed certificates >> "snake-oil" certificates. Which is upside down, the use of the term >> itself can be snake-oil recursively. > > That would make it 'Ouroboris oil'. > >> Yes, easy. QKD requires hardware. A laser+receiver at each end fiber in >> the middle. Software techniques don't impose any hardware costs. >> >> QKD is only ever point to point. It can never be end to end. We now have >> a 1.5 decade experiment that tells us that point to point security is >> pretty much ... cosmetic for serious purposes. > > Now, now. Weren't you just sticking up for self-signed certs? > > Different applications have different needs. For the foreseeable future, QKD > requires dedicated hardware at each end of an unboosted fiber circuit. This > is OK! Every system has known limitations. > >> It's like this: in principle, it is possible to imagine a "perfect" link >> between those two boxes. But, those two boxes aren't customer >> applications. Pretty much all customer applications are more complex >> than two end-points and a piece of string between. > > There are some fixed point-to-point connections of bicycle distance in the > world needing security from fiber-splicing attackers who control the physical > key distribution and might also (can't say for sure) secretly have better > mathematicians than the rest of the world. > > You know what QKD would have been great for? West Berlin. > > With the short block lengths in use back then it probably would make sense to > re-key every minute. > > - Marsh > _______________________________________________ > cryptography mailing list > cryptography@randombit.net > http://lists.randombit.net/mailman/listinfo/cryptography _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
