ianG <iang(_at_)iang(_dot_)org> writes:
One moving part in particular is the interface design. It has been an
article of faith for a long time that the crypto libraries should deliver to
the application a CIPHER metaphor, and that's good enough for any programmer.
And a MAC metaphor. And a MODE metaphor. Which has gradually morphed into a
CIPHER/MODE/MAC metaphor.
And one with the defaults set wrong. In Java, do a Cipher.getInstance("AES")
and you get AES in ECB mode. To paraphrase a quote about C, "it gives you a
loaded gun and points it at your foot by default".
Peter.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp