On Thu, Mar 03, 2005 at 08:25:18PM +0100, Poul-Henning Kamp wrote: > > At the time where I wrote GBDE, the best that was offered was CGD (and > similar) and users (not cryptographers!) didn't trust it and history > have so far repeated.
To quote David Hume, "Never an ought from an is." That "users" (who are they? how many of them? What criterion or criteria of trust do they apply?) _did_ not trust X says precisely nothing about whether users _should_ not trust X. You seem to deny that there is a particular domain of expertise that is cryptography, or perhaps more rightly two domains, one being largely a subset of the other: how to design good cryptographic algorithms and how to use good cryptographic algorithms safely. Personally, I think that you ought to know better, and that your insistence that there is no such expertise and that arbitrary users (or programmers guided by the sentiment of such users) should feel just as warranted to make recommendations about what other arbitrary users should do, in this domain, is grossly irresponsible. If you found out that "most army ordnance officers believe that ball powder is superior to IMR powder as a propellant in small-caliber rifle cartridges", would you ignore the advice of the engineer who designed and tested your new rifle that ball powder would cause the weapon to jam? A lot of people in Vietnam got dead that way: sometimes experts do know what they're talking about, you know, and sometimes giving uninformed advice can have extremely negative consequences. You call Roland's criticisms of GBDE "handwaving". It is very hard to see how his specific refutations of the numerical claims of security that you made in your GBDE paper should be rightly considered as such, or why, on the basis of those false claims, you should continue to feel confident that your advice on disk security is good advice. Thor _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
