[Dshield] Crypto Question
David Brodbeck
brodbd at u.washington.edu
Thu Mar 5 18:19:52 GMT 2009
On Mar 4, 2009, at 5:10 PM, John Hardin wrote:
> My point is *don't assume the algorithm is flawless*. If you design
> your
> protocols with the assumption that the algorithms are imperfect,
> then your
> protocol is robust when the flaws are actually found.
>
> If certificate signing, and PGP et. al., and other protocols had
> included
> provision for signing with two hashes using different algorithms,
> then we
> would not be seeing attacks like this:
To me this seems like basic "defense in depth." Engineers would call
it redundancy.
--
David Brodbeck
System Administrator, Linguistics
University of Washington
More information about the Dshield
mailing list