[Cryptography] Mix Messaging in the Mesh

Ralf Senderek crypto at senderek.ie
Fri Mar 22 03:12:17 EDT 2019

On Thu, 21 Mar 2019, Phillip Hallam-Baker wrote:

> On Thu, Mar 21, 2019 at 2:47 PM Ralf Senderek <crypto at senderek.ie> wrote:
>       On Thu, 21 Mar 2019, Phillip Hallam-Baker wrote:
>       > In particular, where is the optimum tradeoff between security and complexity?
>       Answer: Maximum security and minimum complexity.
>           --ralf
>       PS: And why do you think the other stuff is of any substantial importance?
> Because if security is going to be any use to people it has to be easy enough that a 60+ year
> old grandmother who left school before the Internet arrived can use it because she is the US
> Secretary of State.


> We have tried the maximalist approach to security for 30 years and it has been a complete
> failure. We have one widely deployed Internet security protocol and it is limited to the
> transport layer.

IF the "maximum security" approach really was a "complete" failure, then 
you'd have to consider the miserable job of easy-to-use key management,
the insane tendency to increase complexity in order to match desired 
features and - last but not least - the ordinary user's expectation, that 
security must be done automatically without any intervention on their 
behalf, not to mention the problems that reduce the security of the 
systems they use, which have been discussed here in detail.

The last thing that can be blamed for that failure is maximum security.


More information about the cryptography mailing list