[144288] in cryptography@c2.net mail archive
Re: Crypto Craft Knowledge
daemon@ATHENA.MIT.EDU (Cat Okita)
Tue Feb 24 13:29:07 2009
Date: Tue, 24 Feb 2009 12:36:48 -0500 (EST)
From: Cat Okita <cat@reptiles.org>
Reply-To: Cat Okita <cat@reptiles.org>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
cc: ben@links.org, neuhaus@mail.st.cs.uni-sb.de, cryptography@metzdowd.com,
dmolnar@eecs.berkeley.edu
In-Reply-To: <E1LapEL-0003nb-RG@wintermute01.cs.auckland.ac.nz>
On Sat, 21 Feb 2009, Peter Gutmann wrote:
> This points out an awkward problem though, that if you're a commercial vendor
> and you have a customer who wants to do something stupid, you can't afford not
> to allow this. While my usual response to requests to do things insecurely is
> "If you want to shoot yourself in the foot then use CryptoAPI", I can only do
> this because I care more about security than money. For any commercial vendor
> who has to put the money first, this isn't an option.
That's not entirely true -- even commercial vendors have things like
ongoing support to consider, and some customers just cost more money
than they're worth.
cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
