Fixing SSL (was Re: Dutch Transport Card Broken)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Jan 31 19:08:02 EST 2008
Dave Howe <DaveHowe at gmx.co.uk> writes:
>SSL - Cludge thrown together by a browser manufacturer,
To paraphrase Winston Churchill, "SSL is the worst secure-pipe protocol,
except for all the others". Like most people here, I can find assorted nits
to pick with it (mostly message-formatting stuff and the like, which is
actually relatively trivial), but every time I look at its competitors I
realise that they're all much, much worse. Conversely, it's amazing how many
other protocols are just SSL reinvented badly (or in several cases, really
really badly).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list