Gnu PG is more Safe ?
oxopz7 at riseup.net
oxopz7 at riseup.net
Tue Jul 23 20:25:48 PDT 2013
No results about the last two books Peter! :'(
What about these books:
SSL TLS Essentials Securing the Web
SSL and TLS Theory and Practice
Implementing SSL TLS Using Cryptography and PKI
Actually; I want to focus on the algorithms that are used on it.
Not just know or implement and doing things with these protocols!
Cheers to all,
Best Regards,
> Anthony Papillion <papillion at gmail.com> writes:
>
>>Because GnuPG is open source, it's been extensively peer reviewed and
>> found
>>safe and secure.
>
> That should actually say "because GnuPG is open source, people assume that
> someone else has extensively peer reviewed it and therefore assume that
> it's
> safe and secure". For example there was a long-standing RNG bug that was
> very
> obvious if you looked at the code, but was only discovered by chance when
> someone who was interested in the RNG happend to read through the code and
> thought "hmm, surely that can't be right". Having code that's open source
> doesn't help at all if no-one looks at it.
>
>>One of the best ways to learn about tech topics is reading RFC's. The
>> entire
>>way SSL/TLS operates is detailed in an RFC. Read I'd and you will be
>>infinately more informed.
>
> Argh, no. The best way to confuse someone is to get them to read an RFC.
> Find
> a good book on the topic, e.g. for SSL/TLS there's Eric Rescorla's "SSL
> and
> TLS: Designing and Building Secure Systems". Before that, read "Network
> Security: Private Communication in a Public World" by Kaufman et al.
>
> Peter.
>
More information about the cypherpunks
mailing list