Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:46 ADT
Xcott Craver (caj@math.niu.edu)
Tue, 21 Jul 1998 17:24:38 -0500 (CDT)
On Tue, 21 Jul 1998, Robert Hettinga wrote:
> Fine. I tell you what. I'll do just that. <plug-mode> I'm going to be the
> luncheon speaker, at 12:30 - 2PM on Wednesday, September 2, at the USENIX
> workshop on Commerce in Boston. </p-m>
>
> I'll stand up, right there in front of people like Bruce Schneier, Dan
> Geer, Scott Guthery, and Bennet Yee, and say that DES is DED. I promise.
Oh, no. Not DED, but "snake-oil." I want you to go up in
front of all those crypto types and say "DES is snake-oil,"
just like you said here. No qualifiers like, " (any product
selling single) DES (and promising strong crypto) is snake-oil."
Just "DES is snake-oil."
Something tells me you'll give across the impression of
being too harsh. I would consider such a phrase pretty
disrespectful to the creators of a formidable cipher, just
as much as if you said, "DES is a piece of crap."
> Happy?
> Look at it this way. If you tried to sell me a Japanese Purple machine
> right now and told me it was state of the art, you would be a fraud,
> selling me snake oil. In 1943, of course, you wouldn't have been.
Okay, but I would still consider the phrase "PURPLE is snake-oil"
to be false, even if your *product* is snake-oil.
It's easy for a product to be considered snake-oil, because
it can implement something badly, or something obselete.
But for an actual cryptosystem, an algorithm, the label of
"snake-oil" is much more damning, suggesting an algorithm
that's a worthless piece of crap.
-Caj
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:46 ADT