[nSLUG] Wikipedia changes/limits protocols?

George N. White III gnwiii at gmail.com
Fri Jul 17 08:50:03 ADT 2015


On Thu, Jul 16, 2015 at 12:42 AM, Mike Spencer <mspencer at tallships.ca>
wrote:

>
>
> The thing is, I may be more paranoid than Schneier, or at least less
> trusting.
>
>
I'm not smart enough to verify the crypto math nor to to write bullet
> proof code that implements it.  But I'm more or less willing to trust
> the individual code hackers -- natural persons -- who are smarter than
> I am.  I can infer their trustworthiness -- street cred -- from
> various public info.  Sometimes I know people who know people whow
> know the coders. I can look at who uses and who critiques the
> software. I can read the RFCs. Other stuff like that....that's what
> people do about trusting people.
>
> But I can't bring myself to trust large corporate (for loose
> definitions of "corporate") entities whose activities or products are
> generated by huge teams, managed by, well, you know, managers and
> executives with an eye on shareholder value, bottom line and
> survival in the political arena.
>
> And the crypto in HTTPS appears to me (am I wrong?) to depened on
> impenetrable browser code and a (too?) widely distributed mare's nest
> of authentication of just that sort of origin.
>

There are two issues here:

1.  whether to use strong encryption (answer: yes)

2. finding a good implementation.  There are lots of choices:

https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations

but doesn't include:
https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a-New-Open-Source-TLS-Implementation

Note that almost all are open source, Microsoft being the notable
exception.   Also, most have versions released this year,
which at least shows there is somebody actively working on them, but may
also indicate that the majority of implementations share some of the recent
high profile bugs.  Hopefully most have removed support for "export grade"
encryption.



[...]
>
>
> - Mike
>
> --
> Michael Spencer                  Nova Scotia, Canada       .~.
>                                                            /V\
> mspencer at tallships.ca                                     /( )\
> http://home.tallships.ca/mspencer/                        ^^-^^
>
>
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/mailman/listinfo/nslug
>



-- 
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/pipermail/nslug/attachments/20150717/977462da/attachment.html>


More information about the nSLUG mailing list