Mike Shaver wrote:
| Thus spake Adam Shostack:
| > Fix the foundations, not the buildings. TCP should provide a reliable
| > stream connection, and I think I can make the argument that part of
| > reliable in today's world is authentication.
| Sure, you need `good, solid authentication', and I need `good, solid
| authentication', but it'll mean different things to different people.
You're right. What I meant to say was integrity, not
| I don't want the IETF making security policy decisions for me, thank
| you very much, and putting auth/integ/confid in the stack seems a step
| in that direction.
The stuff that exists today does not make policy decisions for
you (IMHO), but gives you tools for creating policies.
| > Raising the bar is a generally good thing, even if
| > you can't raise it high enough.
| Agreed, as long as you don't get a placebo effect.
| "I've got crypto-on-the-wire, so I don't need (OTP|backups|an AUP)."
You will get a placebo effect, and then it will wear off,
probably 5 to 10 years after it shows up. So, will we be better off
with that placebo or the current one? I think we'll be better off
with a crypto placebo in effect. That placebo will show up whenever
we deploy (name new tool here.)
"I could swear the guy behind the counter said these bullets were