I agree strongly that having weak crypto in a system is more dangerous
than no crypto. The major barrier to crypto these days is not math or
computer science, it's usability. Weak crypto creates a usability
nightmare.
Consider it from a user's perspective, mine. I trade stocks online. My
broker supports https:// connections. Recently I upgraded Netscape.
For some reason, the strong crypto versions of Netscape tend not to
come out for Linux. For a month I traded using a 40 bit cypher. I
never noticed. I finally remembered to fix my browser (thanks,
Fortify) and started trading again with my 128 bit cypher. Secure!
Then one day DNS failed and the certificate for an affiliated website
popped up. I was shocked to see that the certificate was being used
with a 40 bit cypher. I have no idea what info has been leaked out
that channel.
The point is that in Netscape, it is very hard to tell if a given link
is 40 bit or 128 bit. Sure, with enough poking around looking at page
info you could probably figure it out. Or maybe someone knows if the
little padlock means something like the little key used to. But I'm a
crypto-sophisticated person, and I don't know. What about people who
don't understand the technology at all?
Programs like Netscape do their users a disservice by giving them weak
crypto. Sure, companies are under all sorts of commercial pressures,
and they make decisions based on marketing needs, not sound design.
But surely the development side of the Internet, the IETF and the
providers of first implementations, can do better?
. . . . . . . . http://www.media.mit.edu/~nelson/
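The post's complaint is that the browser gives no clear signal whether a link negotiated a 40-bit export cipher or a 128-bit one. As an added example (not part of the original message), the Python below inspects the negotiated cipher as reported by the standard `ssl` module and flags export-grade, short-key and legacy suites; the `probe_host` function needs network access, while the sample cipher tuples are constructed to exercise the check offline.

```python
import socket
import ssl

# The post's own threshold: 40-bit export ciphers are weak, 128-bit is acceptable.
MIN_KEY_BITS = 128
# Algorithms a defender would also reject today even at 128 bits (assumption, not from the post).
LEGACY_ALGORITHMS = ("RC4", "DES", "NULL")


def classify_cipher(cipher):
    """Classify a cipher tuple of the form returned by ssl.SSLSocket.cipher():
    (suite_name, protocol_version, secret_bits). Returns 'strong' or a 'weak: ...' reason."""
    name, _version, bits = cipher
    upper = name.upper()
    if upper.startswith("EXP"):
        return "weak: export-grade suite"
    if bits is None or bits < MIN_KEY_BITS:
        return f"weak: {bits}-bit key"
    for alg in LEGACY_ALGORITHMS:
        if alg in upper:
            return f"weak: legacy algorithm {alg}"
    return "strong"


def probe_host(host, port=443, timeout=5.0):
    """Complete a TLS handshake with host:port and return (cipher_tuple, classification).
    This is the check the padlock icon hides; it requires network access."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cipher = tls.cipher()
    return cipher, classify_cipher(cipher)


# Constructed sample values in the shape cipher() returns, for offline use.
SAMPLE_CIPHERS = [
    ("EXP-RC4-MD5", "SSLv3", 40),                    # the 40-bit case from the post
    ("RC4-MD5", "TLSv1", 128),                       # 128-bit but a legacy algorithm
    ("ECDHE-RSA-AES128-GCM-SHA256", "TLSv1.2", 128),
    ("TLS_AES_256_GCM_SHA384", "TLSv1.3", 256),
]


def audit_samples(samples=SAMPLE_CIPHERS):
    """Map each sample suite name to its classification."""
    return {c[0]: classify_cipher(c) for c in samples}
```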