More info in my AES128-CBC question
Greg Black
cryptography at mail.gbch.net
Sun Apr 22 19:39:10 EDT 2007
On 2007-04-21, David Wagner wrote:
> If you're sick and you go to a doctor, do you tell the doctor "you'd
> better come up with some very clear arguments if you want me to follow
> your advice"? Do you tell your doctor "you'd better build a strong case
> before I will listen to you"? I would hope not. That would be silly.
Not at all. That would be smart. Blind deference to experts, in any
field, is just plain stupid.
> Doctors are medical professionals with a great deal of training and
> expertise in the subject. They can speak with authority when it comes
> to your health. So why do people with no training in security think
> that they can freely ignore the advice of security professionals without
> any negative consequences?
Asking the professionals to make a clear case is not the same as freely
ignoring them. But blindly following those who speak with authority
leads to all sorts of nonsensical outcomes.
If we are consulting an expert, it behoves us to examine the expert's
reasoning. If we are the experts, we should expect to have to explain
ourselves to those who rely on us -- and we should volunteer those
explanations rather than making people drag them out of us.
Cheers, Greg
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list