On 12/14/10 1:23 PM, David Shaw wrote: > You sort of need a crystal ball to make that argument though...
To underline and agree with what David said -- the entire field of communications security requires crystal balls. It sounds neat and simple to say, "the weakest part of the system must be stronger than the adversary's ability to break it," but in reality it's messy and complicated. The weakest part of the system, in your estimation, may not be the same as the weakest part in the enemy's estimation. If you don't know what your enemy's capabilities are, well, figuring out what the enemy will consider "weakest" requires a crystal ball. For that matter, you may not know who your enemies are. If you're worried about the FBI eavesdropping on your email, you might be totally blind to J. Random Sysadmin who gets his jollies from planting keyloggers on systems. Just knowing who your enemies are requires a crystal ball. You may... etc., etc. It's an incredibly difficult and Byzantine problem. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users