<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div><span></span></div><div><meta http-equiv="content-type" content="text/html; charset=utf-8"><div style="-webkit-text-size-adjust: auto; ">In this oped in the Guardian</div><div style="-webkit-text-size-adjust: auto; "><br></div><div style="-webkit-text-size-adjust: auto; "><a href="http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance">http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance</a></div><div style="-webkit-text-size-adjust: auto; "><br></div><div style="-webkit-text-size-adjust: auto; ">Bruce Schneier writes: "<span style="background-color: rgba(255, 255, 255, 0); ">Prefer symmetric cryptography over public-key cryptography." The only reason I can think of is that for public key crypto you typically use an American (and thus subverted) CA to get the recipients public key. </span></div><div style="-webkit-text-size-adjust: auto; "><span style="background-color: rgba(255, 255, 255, 0); "><br></span></div><div style="-webkit-text-size-adjust: auto; "><span style="background-color: rgba(255, 255, 255, 0); ">What other reasons could there be for this advice?</span></div><div style="-webkit-text-size-adjust: auto; "><span style="background-color: rgba(255, 255, 255, 0); "><br></span></div><div style="-webkit-text-size-adjust: auto; "><span style="background-color: rgba(255, 255, 255, 0); ">Best,</span></div><div style="-webkit-text-size-adjust: auto; ">Jaap-Henk</div><div><br><span style="-webkit-text-size-adjust: auto;">(I apologise for typos and being terse; this mail was written on an iPad)</span><div style="-webkit-text-size-adjust: auto; "><div><br></div><div>--</div><div><span style="background-color: rgba(255, 255, 255, 0);">Jaap-Henk Hoepman<br>TNO, Groningen & <br>Dept. of Computer Science <br>Radboud University Nijmegen <br>(m) <a href="mailto:jhh@cs.ru.nl" x-apple-data-detectors="true" x-apple-data-detectors-type="link" x-apple-data-detectors-result="1">jhh@cs.ru.nl</a> <br>(w) <a href="http://www.cs.ru.nl/~jhh" x-apple-data-detectors="true" x-apple-data-detectors-type="link" x-apple-data-detectors-result="2">www.cs.ru.nl/~jhh</a><br>(m) <a href="mailto:jaap-henk.hoepman@tno.nl" x-apple-data-detectors="true" x-apple-data-detectors-type="link" x-apple-data-detectors-result="3/0">jaap-henk.hoepman@tno.nl</a><br>(t) <a href="tel:+31%2088%20866%207754" x-apple-data-detectors="true" x-apple-data-detectors-type="telephone" x-apple-data-detectors-result="3/1">+31 </a>6 20619554<br></span></div></div><div style="-webkit-text-size-adjust: auto; ">(t) @xotoxot</div></div></div></body></html>