RE: [Algorithms] Message signature in token ring
Brought to you by:
vexxed72
Menu
▾
▴
RE: [Algorithms] Message signature in token ring
|
From: Toby J. <tj...@Hu...> - 2003-04-16 14:23:13
|
> 3) Um, how many times a year do they find gaping security holes in > Windows? Why would we assume that an OS cryptography layer is magically > all that great? Because they probably test it more than you would. (And they test more than most vendors of security products do for that matter). Toby Jones Programmer Human Head Studios, Inc. http://www.humanhead.com -----Original Message----- From: Casey Muratori [mailto:gd...@fu...] Sent: Wednesday, April 16, 2003 1:55 AM To: gda...@li... Subject: RE: [Algorithms] Message signature in token ring > However, I would like to very strongly restate my observation that you > really really really shouldn't be doing this yourself. It's easy to get > wrong even for an expert in crypto algorithms (and, no offense, but it > doesn't sound like you are an expert). Any decent OS will provide > perfectly good implementations of these core algorithms (for example, > the Crypto API in Windows), I highly recommend you use them. It doesn't seem to make much sense to use built-in OS encryption rather than a freely available or commercial 3rd party one with source, because 1) You can't proof or verify code you have only in binary form, 2) You can't port or ensure interoperability between platforms if you have to rely on the encryption native to each platform, 3) Um, how many times a year do they find gaping security holes in Windows? Why would we assume that an OS cryptography layer is magically all that great? - Casey ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ GDAlgorithms-list mailing list GDA...@li... https://lists.sourceforge.net/lists/listinfo/gdalgorithms-list Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=6188 |
