|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Alex Alten (Alten
home.com)Date: Sat Mar 31 2001 - 18:31:25 CST
At 08:05 PM 3/30/2001 -0800, Bram Cohen wrote:
>On Thu, 29 Mar 2001, Alex Alten wrote:
>
>> After examining three products from one fairly large software
>> firm, I come to the conclusion that maybe close to 100% of
>> the apps using SSL are deeply flawed from a security point of
>> view.
>
>That's to be expected - SSL is a complicated, hard to understand, and hard
>to implement specification. What's really needed are pre-fab
>implementations of problems software engineers run into.
>
I respectfully disagree. What's really needed is a crypto/SSL api where
99% is buried beneath the API surface, in particular key management and
access control/policy enforcement.
--Alex Alten
Alten
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]