From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: 9d0121c3894131ce2d5387388cbadeca5f63d1f55f522e85e13b77d7638f6a54
Message ID: <199612062035.MAA03484@netcom7.netcom.com>
Reply To: N/A
UTC Datetime: 1996-12-06 20:35:27 UTC
Raw Date: Fri, 6 Dec 1996 12:35:27 -0800 (PST)
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 6 Dec 1996 12:35:27 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Systems with weak crypto, was: The House Rules At The Permanent VirtualCypherpunks Party
Message-ID: <199612062035.MAA03484@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 9:46 AM 12/6/96 -0500, Dr.Dimitri Vulis KOTM wrote:
>If an entrepreneur wants to sell a new electrical gizmo and wants an
>independent review of its safety, he pays $$$ for it. Apparently one of the
>functions of the new brand of "cypher punks" is to provide a similar service
>for free. Sorry, I'm not a part of it, and I'm not *that* interested in Don's
>proposal. I have better use for my time.
However, I assume that you have no objection to others reviewing Don't
proposal for free (Actually for reputation).
>
>I also don't think that the ease of breaking the code should be the only
>consideration in evaluating a low-end cryptographic product. ...
>
>... If someone wants to market (and support) a crypto package for
>the masses and gets the masses to deploy it, I take my hat off to them. It
>doesn't matter if the code itself can be cracked as easily as the codes used
>in PKZIP or MS Excel or MS Word (reportedly). If the users discover that the
>code isn't strong enough for their needs, they'll upgrade to stronger codes.
>The path from weak crypto to strong crypto is much shorter than the path from
>no crypto to some crypto.
>
>If the user interface and [did you mean "is" - bf] logical and transparent
>and provides hooks to
>replace the weak (non-export-controlled) crypto being shipped with a stronger
>one (say, by FTPing a DLL) then it's a Good Thing.
Good interfaces are definitely something needed for the widespread adoption
of crypto, either strong or weak. However, the general opinion I have
heard is that UIs with easily replaced crypto are covered by ITAR.
>Don is doing a Good Thing and the "cypher punks" are doing an evil thing.
If Don is contributing to better interfaces, then I agree he is doing a
good thing. If all he is doing is proposing a new algorithm and describing
it with, to be charitable, non-standard uses of well defined terms, then I
disagree.
I strongly disagree that cypherpunks are doing an evil thing by exposing
the weaknesses in anyone's (including Don's) crypto system. There are many
ways to contribute, and publicizing the facts about a system are one of
them.
-------------------------------------------------------------------------
Bill Frantz | The lottery is a tax on | Periwinkle -- Consulting
(408)356-8506 | those who can't do math. | 16345 Englewood Ave.
frantz@netcom.com | - Who 1st said this? | Los Gatos, CA 95032, USA
Return to December 1996
Return to “frantz@netcom.com (Bill Frantz)”