Monoculture

M Taylor mctylr at privacy.nb.ca
Wed Oct 1 16:02:37 EDT 2003 

On Wed, Oct 01, 2003 at 02:24:00PM -0400, Ian Grigg wrote:
> Matt Blaze wrote:
> >
> > > I imagine the Plumbers & Electricians Union must have used similar
> > > arguments to enclose the business to themselves, and keep out unlicensed
> > > newcomers.  "No longer acceptable" indeed.  Too much competition boys?
> > >
> >
> > Rich,
> >
> > Oh come on.  Are you willfully misinterpreting what I wrote, or
> > did you honestly believe that that was my intent?
> 
> 
> Sadly, there is a shared culture amongst cryptography   
> professionals that presses a certain logical, scientific 
> viewpoint.

So is being logically and scientific is a bad way to do cryptography?
Maybe you would rather some sort of more 'post-modern', 'liberal'
or 'free market' cryptography?
 
> What is written in these posts (not just the present one)
> does derive from that viewpoint and although one can   
> quibble about the details, it does look very much from
> the outside that there is an informal "Cryptographers  
> Guild" in place [1].

Bollocks. Anyone is free to learn and practice (in the 'western' world,
and many other countries) cryptography. Some people are just better
at it, and many of those people are recognized for being better or
more experienced. 

By your argument any group that has education and/or training is
a guild. Heaven forbid CS and IT types look at the history of their
own field.

> The guild would like the application builder to learn the
> field.  They would like him to read up on all the literature,
> the analysies.  To emulate the successes and avoid the
> pitfalls of those protocols that went before them.  The  

That sounds like a progressive, enlightened way of doing business,
at least trying to avoid known mistakes, and trying to discover
new ones. 

> None of that is likely to happen.  The barrier to entry
> into serious cryptographic protocol design is too high
> for the average builder of new applications [2].  He has,
> after all, an application to build.

Which is why the implmentation is different from protocol design,
except for the insecure application developer. 
 
> to boot.  What is not nice is that there is no easy way
> to work out which code to use, and the protocols are not
> so easy to understand.  It's nice that we have an open

Cryptography is hard; suck it up. That is not a reason to act 
irrational and encourage using known weak or flawed methods, when 
we do have better known methods.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list