On Tue, Aug 19, 2008 at 6:16 AM, Jonathan Schleifer <[EMAIL PROTECTED]> wrote: > Am 19.08.2008 um 14:20 schrieb Eric Rescorla > >> And of course, this library will be totally perfect, not need any >> maintenance, >> etc. > > It's a *huge* difference if someone who doesn't have an idea about crypto > tries to implement it using OpenSSL in some Jabber client or if they use a > library that is ready to use, written by some people who know much about > cryptography. It's like you tell a database programmer who never did > anything with graphics to write a 3D engine.
You're totally missing the point. Maintaining an entirely separate COMSEC infrastructure is a big deal, and this isn't in any way mitigated by it having a simple top API. -Ekr
