[148573] in cryptography@c2.net mail archive
[Cryptography] RSA is dead.
daemon@ATHENA.MIT.EDU (Ralf Senderek)
Sun Dec 22 16:09:59 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 22 Dec 2013 13:53:29 +0100 (CET)
From: Ralf Senderek <crypto@senderek.ie>
To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <20131222124510.863092B076@laptop.kerry-linux.ie>
Cc: ianG <iang@iang.org>
Reply-To: Ralf Senderek <crypto@senderek.ie>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Sun, 22 Dec 2013, iang wrote:
> What was RSA's job? Their job was to serve their customers with secure
> crypto. They didn't, instead, they allowed an interested party to get
> between them and the customers, which was an abrogation of their
> self-claimed standard:
>
> "Unlike alternatives such as open source, our technology is backed by
> highly regarded cryptographic experts."
Isn't the most obvious conclusion that no crypto tool can be secure if it
is not open source? Even if there is no guarantee that the code is
actually being scrutinized, the alternative - trusting the experts - is
not really an alternative, if you cannot check what's going on.
--ralf
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
