replay & integrity

Eric Rescorla ekr at
Wed Jul 9 13:46:36 EDT 2003

tom st denis <tomstdenis at> writes:
> --- Eric Rescorla <ekr at> wrote:
> > This is all fine, but irrelevant to my point, which is that
> > if you're designing a channel security protocol it should
> > provide channel level integrity and anti-replay unless there's
> > some really good reason not to.
> For the love of god the horse is dead.  Let it be!
> I've pulled the code [and the rest of the site].  I admitted you were
> right, I admited it had unintentional flaws.  
> What more do you want?  


I'm sorry you're taking this personally, since it's not really
about you. I take Ian to be making a generic argument
that there's not a need for these features in a channel
security protocol. I've certainly hear this argument
before and I think it's worth discussing--even though
I think he's wrong.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list