Subject: Re: encryption
From: WJCarpenter (bill-abisource@carpenter.ORG)
Date: Mon Apr 23 2001 - 18:19:18 CDT
>> 1. Parity-match with other WPs which have a built-in protection
>> scheme.
al> That security is no security. Especially since we are open
al> source. See
al> http://www.tuxedo.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/x268.html,
al> near the bottom.
Huh? As far as I can figure out, your comment is a non-sequitor. If
you are saying that other WPs use weak or broken protection schemes,
OK, I was figuring we wouldn't do that. If you're saying that you
can't have good security if everyone can see your security source
code, that's actually the opposite of what most "real crypto people"
think. If you're saying we wouldn't do as good an algorithmic job as
crypto experts, I agree (though I don't see how the article you cited
means that), and that's why I think calling out to something else is
the obvious way to go, too.
The case ESR was describing in the link you provided is a completely
different animal. He was saying it wasn't smart to store a password
in a file that was protected only by an algorithm and no key (or only
a fixed key). I completely agree. He could easily have stored the
password encrypted with a user-provided key and prompted users for the
key to re-read it, but there's not much point in storing a single
password if you have to remember another password to get at it. You
merely break even.
Different deal for protecting a document with a password.
-- bill@carpenter.ORG (WJCarpenter) PGP 0x91865119 38 95 1B 69 C9 C6 3D 25 73 46 32 04 69 D6 ED F3
This archive was generated by hypermail 2b25 : Mon Apr 23 2001 - 18:18:34 CDT