Greetings,
It was brought to my attention that Crypt::DES is included in the
Phalanx 100 list. While I'm flattered, I think this should be replaced
by a better symmetrical crypto module like Crypt::Rijndael.
The reasoning is simple. Crypt::DES is terribly weak and slow by
comparison. The algorithm is old and included in CPAN to allow
backwards compatibility with 3rd party cryptosystems.
By inclusion in the Phalanx 100 list, it may be inferred by those
without a cryptography background (or even merely a working knowledge of
cryptography) as a reasonble module to use for a modern cryptosystem
when it most definitely isn't.
Thoughts and comments welcome.
Kind Regards,
-dsp <amused-AT-pobox-DOT-com>
CPAN ID: DPARIS
