The exchange below actually reflects what I think is the strongest argument
against the proposed design change.  Successful businesses always prefer
what works to something new or innovative.  With security, that tendency
should be even stronger, since an architecture can only be considered
"secure" after it is widely known and many experts have unsuccessfully tried
to discover weaknesses with it.

I would ask the consultant for a list of other organizations (preferably
where he/she did not influence the design) that use the proposed model.  The
model used by organizations that require the strongest security, such as
banking and the military, is the one your organization should adopt if you
want to convince customers that you provide the same level of security.
Claiming you have something "better" is an automatic red flag to any
potential customers with even minimal security experience.

Brant Thomsen
Sr. Software Engineer
Wavelink Corporation

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of coco coco
> Sent: Thursday, June 16, 2005 9:20 PM
> To: openssl-users@openssl.org
> Subject: RE: Need objective arguments against double certificate
>
>
> > > Please help to fill in items that I might have missed :)
> >
> >     The security risk that this non-standard scheme might introduce an
> >unforeseen vulnerability. This is, IMO, as likely as that it will protect
> >against some unforeseen vulnerability -- the alleged reason for the scheme.
> >
>
> Hehe, I was trying really hard to put this issue into some tangible
> numbers :)
>
> There is always security risk related to the design, to the
> implementation,
> to the administration, etc. From all the books/sources I've learned
> crypto and security (including topics on information system auditing
> and assurance, information security risk assessment), I couldn't find
> any systematic methodology to estimate this. Everyone is talking
> about it in bulleted items, kinda subjective.
>
> This seems to come only with experience, and learn the hard
> way after screwing up a couple of times, or something.
>
> I don't know, I'm working on estimating the potential consequences
> of a security breach.  But this is way beyond my
> knowledge/experience/expertise.
> And this is really on a case by case basis, no book can teach
> me that, I guess.
>
> thanks
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           [EMAIL PROTECTED]
