On 4/08/2014 1:16 AM, Bzzzz wrote: > The question raise the underlying problems:
<snip> > * Should we pay for good crypto (and very good cryptanalysis)? > I think YES (stop yelling, think crowfunding;), because > good crypto skills are rare and thus expensive; > furthermore, we need stable teams. > What we _really_ can't afford is having any doubt against > crypto. All good points, trouble I see is that even /good/ teams can become violated by someone ... NSA working with NIST is one example; I'm not going to say anything more on that other than "things aren't always as they appear." I'm also not going to allege that the HeartBleed bug was intentional, but it could have been and we may never know for sure. Cheers A.
signature.asc
Description: OpenPGP digital signature
