[145409] in cryptography@c2.net mail archive
Re: A mighty fortress is our PKI
daemon@ATHENA.MIT.EDU (Chris Palmer)
Tue Jul 27 14:56:19 2010
Date: Tue, 27 Jul 2010 11:34:25 -0700
From: Chris Palmer <chris@noncombatant.org>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <20100727142240.6e7fee20@jabberwock.cb.piermont.com>
Perry E. Metzger writes:
> Unless you can perform an experiment to falsify the self-declared
> "objective quantitative security measurement", it isn't science. I can't
> think of an experiment to test whether any of the coefficients in the
> displayed calculation is "correct". I don't even know what "correct"
> means. This is disturbing.
I can recommend a good single-malt scotch or tawny port if you like. Have
you tried the Macallan 18?
False metrics are rampant in the security industry. We really need to do
something about them. I propose that we make fun of them.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
