[127224] in cryptography@c2.net mail archive

Re: Strength in Complexity?

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Tue Jul 1 20:31:22 2008

To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
Cc: arshad.noor@strongauth.com,  cryptography@metzdowd.com, dbrown@forsythe.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 01 Jul 2008 20:28:14 -0400
In-Reply-To: <E1KDptS-0002Gc-8B@wintermute01.cs.auckland.ac.nz> (Peter Gutmann's message of "Wed\, 02 Jul 2008 12\:08\:18 +1200")


pgut001@cs.auckland.ac.nz (Peter Gutmann) writes:
> "Perry E. Metzger" <perry@piermont.com> writes:
>
>>No. In fact, it is about as far from the truth as I've ever seen. No real
>>expert would choose to deliberately make a protocol more complicated.
>
> IPsec.  Anything to do with PKI.  XMLdsig.  Gimme a few minutes and I can
> provide a list as long as your arm.  Protocol designers *love* complexity.
> The more complex and awkward they can make a protocol, the better it has to
> be.

The problem, Peter, is that people who don't know you may mistake your
sarcasm for agreement with the misconception in the article Arshad quoted.

Oh, and by the way, you missed half a dozen failed secure mail
protocols, SET (the Wikipedia article for SET really needs to be
changed from present to past tense), and 20 other easy examples. It is
sort of like shooting fish in a barrel, isn't it?

The point is not that fools (often including us) haven't built
monstrous ziggurats that failed. The point is that no one rational
should *SEEK* to make a protocol into a monstrous ziggurat on the basis
that this will improve security, and don't pretend you don't agree,
because most of us know you better than that.

Perry
-- 
Perry E. Metzger		perry@piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
