[Cryptography] upgrade mechanisms and policies

Ryan Carboni ryacko at gmail.com
Fri Apr 17 01:41:14 EDT 2015

> For most traffic on the net, I'd say auth is highly dependent.  For some
> things we want auth.  But for other things we want the opposite of auth,
> call it anti-auth or unauth.  This is the notion of sexchat, snapchat,
> OTR, etc in principle, not in implementation.

OTR is authed.

In any case, secrecy + integrity = confidentiality

Some concerns about man in the middle attacks involve manipulation of files
or injection. But much data shared does not need to be secret. So integrity
is only needed.

In anycase, my point was inspired by the recent Netflix announcement of
encryption. For end users on a desktop, there is so much surplus processing
capacity that cryptography is no longer an issue. Different story for
mobile (batteries), and rapidly expanding companies (razor thin profits).

I don't have much knowledge about costs of purchasing hardware accelerators
or how much throughput they have.


For personal reasons, I hope one day there will be a generation of IRC
using public key cryptography. Not SSL. User authentication integrated with
the login mechanism.

Afterall, on the internet, no one knows if you're a dog.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150416/f5b806d1/attachment.html>

More information about the cryptography mailing list