Mike Shaver wrote:
| Thus spake Adam Shostack:
| > Fix the foundations, not the buildings. TCP should provide a reliable
| > stream connection, and I think I can make the argument that part of
| > reliable in today's world is authentication.
|
| Sure, you need `good, solid authentication', and I need `good, solid
| authentication', but it'll mean different things to different people.
You're right. What I meant to say was integrity, not
authentication.
| I don't want the IETF making security policy decisions for me, thank
| you very much, and putting auth/integ/confid in the stack seems a step
| in that direction.
The stuff that exists today does not make policy decisions for
you (IMHO), but gives you tools for creating policies.
| > Raising the bar is a generally good thing, even if
| > you can't raise it high enough.
|
| Agreed, as long as you don't get a placebo effect.
| "I've got crypto-on-the-wire, so I don't need (OTP|backups|an AUP)."
|
| *shiver*
You will get a placebo effect, and then it will wear off,
probably 5 to 10 years after it shows up. So, will we be better off
with that placebo or the current one? I think we'll be better off
with a crypto placebo in effect. That placebo will show up whenever
we deploy (name new tool here.)
Adam
"I could swear the guy behind the counter said these bullets were
magic!"