Thanks for the living hell, and question about OpenSSL
Declan McCullagh
declan at well.com
Mon Apr 28 06:28:16 PDT 2003
On Sat, Apr 26, 2003 at 11:41:02AM -0700, Eric Cordian wrote:
> cryptography is fundamentally a trust-based system. With the rise of the
> Internet, and almost all crypto being done by people who do not physically
> meet to exchange keys, almost all crypto is public key crypto.
>
> Therefore, almost all cryptography (at the present moment) is based on
> trust.
Right. But there's still a difference between:
* I trust that my computer has not been black-bagged (because I've
checked, or have steps to prevent that, or it would require more effort
from my adversary than I'm worth)
* I trust that the current state of the art in terms of factoring in
the public literature is within several orders of magnitude of what's
in the classified literature.
And:
* I trust Paypal or Microsoft Hotmail to guard my privacy at all costs
when faced with an urgent, secret request from John Aschroft.
-Declan
More information about the cypherpunks-legacy
mailing list