On Apr 13, 2016, at 8:56 AM, Tony Arcieri <[email protected]> wrote:
> On Wed, Apr 13, 2016 at 2:06 AM, Thierry Moreau > <[email protected]> wrote: > Who wants to be optimistic with respect to threat models in the current IT > landscape? > > I prefer to be realistic about threats, especially when UX tradeoffs are > involved Everyone needs to choose their own risk posture, and different applications have different needs. There are certainly people out there for whom Yubikeys are adequate, and for whom the SC4-HSM won’t make sense. But I believe that there are applications and not-entirely-unreasonable risk postures for which a Yubikey might not be adequate. If nothing else, having a programmable USB dongle with a display makes kind of a cool toy to noodle around with. Tony: I really don’t mind negative feedback when it’s constructive. In fact, I very much appreciate it. But I’m really having a hard time discerning a constructive purpose in your critique. What exactly do you think that I should be doing differently? Change the design? Give up and join you in being an evangelist for Yubikeys? Something else? I really don’t get it. rg
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
