[114412] in cryptography@c2.net mail archive
Re: Fixing SSL (was Re: Dutch Transport Card Broken)
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Fri Feb 1 09:12:39 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, DaveHowe@gmx.co.uk
In-Reply-To: <47A0CA5B.7060503@gmx.co.uk>
Date: Fri, 01 Feb 2008 13:08:02 +1300
Dave Howe <DaveHowe@gmx.co.uk> writes:
>SSL - Cludge thrown together by a browser manufacturer,
To paraphrase Winston Churchill, "SSL is the worst secure-pipe protocol,
except for all the others". Like most people here, I can find assorted nits
to pick with it (mostly message-formatting stuff and the like, which is
actually relatively trivial), but every time I look at its competitors I
realise that they're all much, much worse. Conversely, it's amazing how many
other protocols are just SSL reinvented badly (or in several cases, really
really badly).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
