[Top] [All Lists]

Re: Anybody know details about Schneier's "flaw"?

2002-08-15 00:51:38

* Jon Callas wrote:
The text that is in there is some talk in the sections on compression, which
say that a decompression error should be considered to be a security
problem, not a data problem (in other words, don't typically let the user
have the damaged plaintext), and some language that recommends encouraging
people to use MDCs. There is also a relatively long section in Security
Considerations. Take a look, I think you'll like it.

Fine. I don't support Schneiers Claim to withdraw 'uncompressed'-compression.