[86018] in cryptography@c2.net mail archive
Re: More info in my AES128-CBC question
daemon@ATHENA.MIT.EDU (Greg Black)
Sun Apr 22 22:35:28 2007
Date: Mon, 23 Apr 2007 09:39:10 +1000
From: Greg Black <cryptography@mail.gbch.net>
To: David Wagner <daw@cs.berkeley.edu>
Cc: cryptography@metzdowd.com
Reply-To: cryptography@metzdowd.com
In-Reply-To: <200704212104.l3LL4MC9004718@taverner.cs.berkeley.edu>
On 2007-04-21, David Wagner wrote:
> If you're sick and you go to a doctor, do you tell the doctor "you'd
> better come up with some very clear arguments if you want me to follow
> your advice"? Do you tell your doctor "you'd better build a strong case
> before I will listen to you"? I would hope not. That would be silly.
Not at all. That would be smart. Blind deference to experts, in any
field, is just plain stupid.
> Doctors are medical professionals with a great deal of training and
> expertise in the subject. They can speak with authority when it comes
> to your health. So why do people with no training in security think
> that they can freely ignore the advice of security professionals without
> any negative consequences?
Asking the professionals to make a clear case is not the same as freely
ignoring them. But blindly following those who speak with authority
leads to all sorts of nonsensical outcomes.
If we are consulting an expert, it behoves us to examine the expert's
reasoning. If we are the experts, we should expect to have to explain
ourselves to those who rely on us -- and we should volunteer those
explanations rather than making people drag them out of us.
Cheers, Greg
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
