replay & integrity
Eric Rescorla
ekr at rtfm.com
Wed Jul 9 13:46:36 EDT 2003
tom st denis <tomstdenis at yahoo.com> writes:
> --- Eric Rescorla <ekr at rtfm.com> wrote:
> > This is all fine, but irrelevant to my point, which is that
> > if you're designing a channel security protocol it should
> > provide channel level integrity and anti-replay unless there's
> > some really good reason not to.
>
> For the love of god the horse is dead. Let it be!
>
> I've pulled the code [and the rest of the site]. I admitted you were
> right, I admited it had unintentional flaws.
>
> What more do you want?
Tom,
I'm sorry you're taking this personally, since it's not really
about you. I take Ian to be making a generic argument
that there's not a need for these features in a channel
security protocol. I've certainly hear this argument
before and I think it's worth discussing--even though
I think he's wrong.
-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list