RE: CRC32 - thoughts on Gutmann response|
Fri, 26 Sep 2003 16:40:43 -0300 (BRT)|
My reply to this message is gone by the "private" channel... Even if this
word doesn't make sense for some when it is under the context of Virtual
> Renato Salles writes:
>> Well, IMHO "some good encryption" is not enough. Very good encryption
>> near impossible to be "cracked" is enough.
> I am amused at the number of people saying this in cleartext email :)
> There are situations where you need ironclad encryption, situations
> where you don't need any encryption at all, and situations where a
> little privacy is desireable but not vital.
> Encryption is not the only thing affecting a network's security; it's
> a partner with authentication and access control. There are contexts
> where you don't care if anyone intercepts your info as long as you're
> sure who sent it, and there are cases where controlling access is all
> that matters.
> The number of cases where "Pretty Good" encryption has been cracked in
> the field is dwarfed by the number of security breaches from human
> error, so I rate simplicity a lot higher than the ironcladness of
> encryption. CIPE is simple to configure and even simpler to use, so I
> rate it highly even without any encryption improvements. If the
> encryption can be improved without sacrificing simplicity, so much the
> better. However, CIPE as it is now is good enough for most (not all)
> of the cases I care about.
> Dick St.Peters, stpeters,AT,NetHeaven,DOT,com
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: