[10616] in cryptography@c2.net mail archive
Re: crypto question
daemon@ATHENA.MIT.EDU (Mike Brodhead)
Sat Mar 23 16:24:29 2002
Message-Id: <200203222208.g2MM8tG09439@valis.black-ice.org>
Reply-To: mkb@black-ice.org
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: Jim Choate <ravage@einstein.ssz.com>,
Pat Farrell <pfarrell@pfarrell.com>,
"McMeikan, Andrew" <McMeikanA@logica.com>,
cryptography@wasabisystems.com
In-Reply-To: Your message of "Fri, 22 Mar 2002 14:21:01 EST."
<v04210108b8c132105814@[192.168.0.2]>
Date: Fri, 22 Mar 2002 14:08:55 -0800
From: Mike Brodhead <mkb@black-ice.org>
> The problem is doing it in a way that is affordable and doesn't
> require an army.
[snip]
> I'm not sure what changes in your argument if you delete the word
> "physical." Perhaps we should all just give up with this security
> nonsense.
:)
Agreed. It's not about perfect security, it's about Good Enough
security. Risk is not something we can eliminate, but it is something
we can manage.
It does not surprise me when non-security people forget that point,
but I am really surprised at how often security people seem to forget
it.
--mkb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
