CDR: Re: Schneier: Why Digital Signatures are not Signatures (was
Declan McCullagh
declan at well.com
Thu Nov 16 20:38:18 PST 2000
On Thu, Nov 16, 2000 at 08:56:12PM -0500, David Honig wrote:
>
> Herr Bear's two paragraphs below are among of the most clear, concrete
> explanations of 'why security is hard/ crypto is insufficient' that I've
> read. Clear to a programmer, anyway.
>
> But still, I think that the vast majority of users will end up
> trusting something, and the vast majority will be well secured.
> Most do not, for example, worry about black-bag jobs.
>
> How many hardcore cpunks have reverse engineered the source
> to the security apps they actually use? PGPDisk *and* PGPfone *and*
> PGP version whatever? With time left over for SSL? And you do regular RF
> sweeps too? Do you work on your own brakes, too?
No, I don't do those things. I hire an accountant for my taxes, a
lawyer for such affairs, a mechanic for my car, and so on. Modern
society is build on trust relationships in a free market, combined
with a division of labor.
Crypto is subtle, true, but so is tax law, litigation, and modern
automotive control systems. It is not in principle different from
those areas, where money, property, and life is at stake, and we trust
others to help us.
-Declan
More information about the cypherpunks-legacy
mailing list