On Mon, Jun 24, 2013 at 11:19:52PM -0500, Philip Dorr wrote: > On Mon, Jun 24, 2013 at 9:59 PM, Christopher Morrow > <morrowc.li...@gmail.com> wrote: > > it's fair to say, I think, that if you want to say something on the > > network it's best that you consider: > > 1) is the communication something private between you and another party(s) > > 2) is the communication going to be seen by other than you + > > the-right-other-party(s) > > > > and probably assume 2 is always going to be the case... So, if 1) is > > true then make some way to keep it private: > > ssl + checking certs 'properly' (where is dane?) > > gpg + good key material security > > private-key/shared-key - don't do this, everyone screws this up. > > SSH + SSHFP + DNSSEC does public/private key pretty well
If one or another of the TLAs hasn't solved, say, the BIGNUM_factoring problem. If they have, then elliptic curve crypto looks interesting. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
