[148307] in cryptography@c2.net mail archive
Re: [Cryptography] Microsoft announces new email encryption
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Wed Nov 27 14:50:52 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <E1VlZXf-0002a3-AN@login01.fos.auckland.ac.nz>
Date: Wed, 27 Nov 2013 14:35:22 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
John Gilmore <gnu@toad.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============7838877728139127192==
Content-Type: multipart/alternative; boundary=089e0158ca04b9668304ec2db2cd
--089e0158ca04b9668304ec2db2cd
Content-Type: text/plain; charset=ISO-8859-1
Is this the result of that Data Layer security some Microsoft people have
been pushing in IETF as PLASMA?
That was some pretty high grade security going on. But the problem is one
of usability. I would certainly NOT describe PLASMA as epic fail security
wise. But making it work securely would likely require a lot of
infrastructure and I am not sure all of that really exists yet.
The three most important security lessons from Snowdonia are:
1) The insider threat will get anyone.
2) Data level security is essential
3) Usability is critical, security people won't use is useless.
--089e0158ca04b9668304ec2db2cd
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra">Is this the result of that Data=
Layer security some Microsoft people have been pushing in IETF as PLASMA?
</div><div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">That =
was some pretty high grade security going on. But the problem is one of usa=
bility. I would certainly NOT describe PLASMA as epic fail security wise. B=
ut making it work securely would likely require a lot of infrastructure and=
I am not sure all of that really exists yet.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">The three m=
ost important security lessons from Snowdonia are:</div><div class=3D"gmail=
_extra"><br></div><div class=3D"gmail_extra">1) The insider threat will get=
anyone.</div>
<div class=3D"gmail_extra">2) Data level security is essential</div><div cl=
ass=3D"gmail_extra">3) Usability is critical, security people won't use=
is useless.</div></div>
--089e0158ca04b9668304ec2db2cd--
--===============7838877728139127192==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============7838877728139127192==--
