[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Tue Aug 19 10:18:44 CDT 2008


Eric Rescorla wrote:
> Part of the problem here is that any existing protocol has benefitted
> from a lot of
> free cryptanalysis from people hoping to get publications out of
> breaking it. But
> that's a lot less likely for a new protocol which is similar to, but
> not exactly the same
> as an existing protocol.

Right. The incentive system of cryptanalysis publication provides a 
built-in method for continual improvement. Plus you'll get a lot more 
attention if you break TLS than if you break some unknown technology 
that no one uses.

As always, incentives matter.

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/789ae1b6/attachment-0001.bin 


More information about the Security mailing list