[Cryptography] What is a secure conversation? (Was: online forums...)
Jerry Leichter
leichter at lrw.com
Mon Dec 30 14:26:23 EST 2013
On Dec 30, 2013, at 11:06 AM, Theodore Ts'o <tytso at mit.edu> wrote:
> Who is "the business" and why do they get to decide who to appoint?
> How does this apply to all of our open source technologies, such as
> OpenSSH, OpenSSL, the Linux /dev/random driver, etc? In the case of
> the RSA business, they chose Bart Harman as their CTO, who is
> presumably "the decider". Given his recent statements, does that make
> you feel any more comfortable?
I think you meant Bret Hartman. He was CTO at RSA from 2007 until he left (for Cisco) in 2010. Long after the decisions on Dual EC RNG; long before Snowdonia. So I'm not sure which of his recent statements you have in mind.
BTW, Bret is not a crypto-type, just as RSA is not (or hasn't been for many years) a crypto company. He's an enterprise security guy. (He "wrote the book" on web services security - e.g., http://www.wiley.com/WileyCDA/WileyTitle/productCd-0471267163.html - having been involved in the development of some of the XML-related security standards. When I knew him - late 2000's - he'd come to regret the way much of that work ended up - bloated and extremely heavy-weight.)
-- Jerry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131230/8aef30a3/attachment.bin>
More information about the cryptography
mailing list