Philipp Gühring wrote: > Are there any facts or reasons against CISSP? Are there any > alternatives?
Many. Google for "CISSP criticisms" and you'll find a lot of reasons to suspect the CISSP, along with some well-regarded alternatives to it. CISSP nominally requires four years of industry experience in computer security before they'll grant a cert, but in reality their definition of "industry experience" is very broad and permissive. I'd much rather judge someone on the basis of the industry experience they used to get their CISSP than I would on the basis of the CISSP itself. > My personal opinion is that PGP was designed to protect normal > confidential data, not to protect spy information. This is not true. The OpenPGP standard was designed to stand up to absolutely brutal cryptanalytic attacks. When it comes to email cryptography standards, OpenPGP really is the gold standard. > Spy communication has more demand for steganography (making sure that > you don´t even notice the transmission and not just that you can´t > read it), and less demand for "public" key systems ;-) I don't mean to sound sarcastic or caustic, but I really wish people who advocate steganography would first read the academic literature on it. I'm fond of Moulin and O'Sullivan's "An Information-Theoretic Analysis of Data Hiding". Steganography does not have a strong theoretical foundation. As such, I think it's dangerous to think steganographic implementations are ready for prime time. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
