On Sat, 17 Aug 2002, John Kelsey wrote:
Also, designing new crypto protocols, or analyzing old ones used in odd ways, is mostly useful for companies that are offering some new service on the net, or doing some wildly new thing. Many of the obvious new things
I agree with this as far as "crypto" protocols go. But one thing to keep in mind is that almost all protocols impact security, whether their dsigners realize it or not. Especially protocols for file transfer, print spooling, or reservation of resources. most of these are designed without people identifying them as "crypto protocols." Another thing that makes it worse -- composition of protocols. You can do an authentication protocol and prove you're "you." Then what? Does that confer security properties upon following protocols, and if so what? -David --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com