<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jul 6, 2016 at 7:47 PM, Ron Garret <span dir="ltr"><<a href="mailto:ron@flownet.com" target="_blank">ron@flownet.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><span class=""><br>
On Jul 6, 2016, at 9:47 AM, Stephan Neuhaus <<a href="mailto:stephan.neuhaus@zhaw.ch">stephan.neuhaus@zhaw.ch</a>> wrote:<br>
<br>
> On 2016-06-23 06:33, Phillip Hallam-Baker wrote:<br>
>><br>
>> Some of the points I am planning to make are: [...]<br>
>><br>
>> * Complexity is the enemy of security.<br>
><br>
> Depending on what you mean by that, the evidence for this is pretty thin.<br>
<br>
</span>The evidence may be thin, but the argument seems compelling to me: the more complex a system is, the more possible places there are for vulnerabilities to hide.<br></blockquote><div><br></div><div>Splitting hair... </div><div><br></div><div>The coding should be as simple as possible. The tool chain should be as</div><div>simple and reproducible as possible over time. The user interface should be clear</div><div>and not encourage errors.</div><div><br>The cryptography itself however is what it is.... coding should make it</div><div>as easy (simple) as possible to compare the program as a translation </div><div>of the algorithm and the algorithm itself. </div></div><div class="gmail_extra"><br>In part style enters into good coding. <br>Types, variable name choices, Use oF CapItolS_t_-AnD-sTuff.<br><br>Microsoft has some good library books <br><br>Documentation: Outside looking in, Inside looking out.<br><br>Perhaps start with a set of README files for the inside looking out.<br>Pure text works almost universally.<br>README-style<br>README-copytight<br>README-test</div><div class="gmail_extra">README-revision.control (yes check in the right corrections to spelling errors for tighter </div><div class="gmail_extra"> code but not with code/logic changes).</div><div class="gmail_extra"><br></div><div class="gmail_extra"><br>Note other revisions..<br><a href="https://msdn.microsoft.com/en-us/library/ms229002(v=vs.110).aspx">https://msdn.microsoft.com/en-us/library/ms229002(v=vs.110).aspx</a><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>