LHC Computer Grid - Rollout
> [mailto:[log in to unmask]] On Behalf Of Kelsey, DP (David)
said:
> Alternatively, we (JSPG) should invite the author to join us :=)
Try looking at some of the other things on his home page:
http://www.cs.auckland.ac.nz/~pgut001/
e.g.
'Despite two decades of work, X.509 PKI isn't doing very well.
Deployment is minimal, and even when it's used it's frequently just
security theatre: Keys are generated for users by the CA and mailed out
to them, and users go through the motions of checking keys without
really caring, because it's just too painful to get it right. Much of
the blame for this lies in a design that looks like it was created by
the e-commerce division of the Ministry of Silly Walks. The result is
security technology that, as one developer at a large US security vendor
put it, "I wouldn't trust to control access to a beer fridge".'
I also like:
Crypto lets someone say "Hi! I absolutely definitely have a name
somewhat like the name of a large familiar organization, and I'd like to
steal your data!" and lots of users will say "OK, fine, whatever".
- John Levine
Stephen
|