[122436] in cryptography@c2.net mail archive
Re: User interface, security, and "simplicity"
daemon@ATHENA.MIT.EDU (Ian G)
Sun May 4 19:57:10 2008
Date: Sun, 04 May 2008 22:28:32 +0200
From: Ian G <iang@systemics.com>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Jacob Appelbaum <jacob@appelbaum.net>,
Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com
In-Reply-To: <874p9ep0lz.fsf@snark.cb.piermont.com>
Perry E. Metzger wrote:
> It is obvious to anyone using modern IPSec implementations that their
> configuration files are a major source of pain. In spite of this, the
> designers don't seem to see any problem. The result has been that
> people see IPSec as unpleasant and write things like OpenVPN when the
> underlying IPSec protocol is just fine and it is the implementations
> that are unpleasant.
Kerckhoffs' 6th, providing great entertainment for the
security world, since 1883.
=====================
6. Finally, it is necessary, given the circumstances that
command its application, that the system be easy to use,
requiring neither mental strain nor the knowledge of a long
series of rules to observe.
=====================
iang
PS: Although his 6th is arguably the most important, his
others are well worth considering:
https://www.financialcryptography.com/mt/archives/000195.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
