[116440] in North American Network Operators' Group
Re: Dan Kaminsky
daemon@ATHENA.MIT.EDU (Mikael Abrahamsson)
Tue Aug 4 14:25:55 2009
Date: Tue, 4 Aug 2009 20:25:28 +0200 (CEST)
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Valdis.Kletnieks@vt.edu
In-Reply-To: <21558.1249409948@turing-police.cc.vt.edu>
Cc: Nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, 4 Aug 2009, Valdis.Kletnieks@vt.edu wrote:
> Yes, but a wise man without a PR agent doesn't do the *rest* of the
> community much good. A Morris or Bernstein may *see* the problem a
> decade before, but it may take a Mitnick or Kaminsky to make the *rest*
> of us able to see it...
Same thing to get the industry to scramble to get rid of MD5 in SSL-certs,
known for a long time, when it was shown to be practical it didn't take
that long to get rid of.
People want proof, not theory.
--
Mikael Abrahamsson email: swmike@swm.pp.se
