[MUD-Dev] TECH: Securing Symetric Encryption.
ceo
ceo at grexengine.com
Sat Jul 16 14:45:30 CEST 2005
William Leader wrote:
> Any encryption experts out there willing to point out a weakness
> that I don't already know about or comment on the severity of the
> weaknesses I do know about?
I'm sure Christopher Allen will comment, given his involvement ;),
but I'm wondering why SSL/TLS isn't good enough for you?
IMHO it's a sensible bet never, ever to invent security protocols
unless you absolutely have to :P. Too many experts have made simple
systems before which were fundamentally flawed for anyone to feel
safe in a proprietary system. It's much better just to go and
research what existing systems you have to choose from (personally
I'd work hard to make it so that I could use SSL, for obvious
reasons - the amount of testing it's had, ubiquity, built-in
negotiation, several different options for scenarios, optional
identity (1-way, 2-way), etc).
Adam M
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://kanga.nu/lists/listinfo/mud-dev
More information about the mud-dev-archive
mailing list