The state of crypto products
Sep. 29th, 2003 03:57 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
ciphergothJust read this story on Slashdot, so in curiosity I downloaded the paper. And I have to echo and extend comments Peter Gutmann made about the state of crypto under Linux: when you hear about a product that uses crypto, open source, Linux based or otherwise, just assume that the crypto is woefully cack-handed rubbish from someone who's read Applied Cryptography if that.
ssh v2 is mostly OK. TLS (SSL v3.1) is mostly OK. GPG is mostly OK. IPSec is mostly OK. I don't know of anything else that people in the field think well of.
ssh v2 is mostly OK. TLS (SSL v3.1) is mostly OK. GPG is mostly OK. IPSec is mostly OK. I don't know of anything else that people in the field think well of.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2003-09-29 08:21 am (UTC)(no subject)
From:no subject
Date: 2003-09-29 09:43 am (UTC)Pavlos
(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From:no subject
Date: 2003-09-30 06:02 am (UTC)GPG is really an odd one out having started life as OSS drifted into CSS and then back out.
/* Obviously I am looking back to where those 4 first originated from, SSL, SSH, PGP, Sunscreen? */
(no subject)
From:(no subject)
From:(no subject)
From:(no subject)
From: