[Cryptography] The Laws (was the principles) of secure information systems design

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Jul 19 23:10:09 EDT 2016


Jon Callas <jon at callas.org> writes:

>> Law 3: Only those you trust can betray you
>
>I know what you're trying to say. I'd think something better might be, 
>"talking securely to a snitch is still insecure." Or something like that.

I think it definitely needs to stay in its original form; a huge amount of
stuff that's secure by executive fiat is sold as "trusted" (PKI, TPMs,
TrustZone, etc), so it's essential that there's a law pointing out what
"trust" really means in this case.

>What does "store" mean? Is a value in a register stored? Is data in transit 
>stored? 

Oh, now you're just being pedantic... :-).

Peter.

