[129743] in cryptography@c2.net mail archive
Re: Strength in Complexity?
daemon@ATHENA.MIT.EDU (Cat Okita)
Mon Aug 4 17:41:07 2008
Date: Mon, 4 Aug 2008 00:29:05 -0400 (EDT)
From: Cat Okita <cat@reptiles.org>
Reply-To: Cat Okita <cat@reptiles.org>
To: Arshad Noor <arshad.noor@strongauth.com>
cc: Ben Laurie <ben@links.org>, Cryptography <cryptography@metzdowd.com>
In-Reply-To: <48964DB9.801@strongauth.com>
On Sun, 3 Aug 2008, Arshad Noor wrote:
> A more optimistic way of putting this, Ben, is to state that EKMI allows
> domain-experts of underlying components to address the complex issues of
> their domain in ways that they deem best, while providing value on top
> of those components. I see no reason to reinvent any of the components
> - despite their imperfections - when they serve my purpose very well.
> The business goal here is not cryptographic elegance or perfection, but
> a solution to a problem without creating new vulnerabilities.
... or in other words, EKMI leaves all of the hard/impossible problems
to be solved by somebody else. I'd have to agree with Ben that I'm
not seeing the value add of an additional layer of complexity.
> That may be because you are a cryptographer. If you were the CSO, an
> Operations Director, or an Application Developer in a company that had
> to manage encryption keys for 5,000 POS Terminals, 10,000 laptops,
> desktops and servers across multiple data-centers and 400 stores, you
> would see it very differently.
That's an interesting presumption that you're making -- are you familiar
with your audience?
cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
