On 12 Sep 2007 20:18:22 -0700, Aram Perez wrote:
I don't about you, but when I hear terms like (please pardon my
cynicism):
with military grade AES encryption - Hum, I'll have
to ask NIST
about that.
AES can be permitted for use in classified environments. See
Damien Miller writes:
It protects against the common threat model of lost/stolen USB keys.
Remember, crypto without a threat model is like cookies without
milk.
--
--my blog is athttp://blog.russnelson.com | People have strong opinions
Crynwr sells support for free software | PGPok |
Dave Korn writes:
So by your exacting standards, PGP, gpg, openssh, in fact basically
_everything_ is snake oil.
No. In fact Aram is saying nothing of interest. Cryptography without
a threat model is like motherhood without apple pie. Can't say that
enough times. More generally,
Secrets From The Future, MC Frontalot's song about crypto:
http://frontalot.com/media.php/325/MC_Frontalot_SFTF_%2801%29_Secrets_From_The_Future.mp3
Perry
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
