CFP: PKI research workshop
Russell Nelson
nelson at crynwr.com
Mon Dec 31 22:32:41 EST 2001
Andrew Odlyzko writes:
> 1. Cryptography does not fit human life styles easily.
> 2. Novel technologies take a long time to diffuse through society.
to which I would add:
3. Cryptography, and therefore PKI, is meaningless unless you first
define a threat model. In all the messages with this Subject, I've
only see one person even mention "threat model". Think about the
varying threat models, and the type of cryptography one would propose
to address them. Even the most common instance of encryption,
encrypted web forms for hiding credit card numbers, suffers from
addressing a limited threat model. There's a hell of a lot of known
plaintext there.
--
-russ nelson <sig at russnelson.com> http://russnelson.com
Crynwr sells support for free software | PGPok | If you argue with someone
521 Pleasant Valley Rd. | +1 315 268 1925 voice | who is not rational, he will
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | always win, in his own mind.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list