Bryan Ford <brynosaurus(_at_)gmail(_dot_)com> writes:
This attitude, that IETF-standardized protocols should not attempt to address
known or foreseeable weaknesses unless there are documented cases of those
specific attacks happening in the wild *right now*, is one key reason
Internet security is in such a horrific state.
Or it's the exact opposite, every Internet protocol is expected to defend
against every theoretically imaginable scenario, which means they have to
defend against literally [0] everything.
Since no protocol can defend against everything, what happens in practice is
that the most vociferous people involved in its design select a few things
they care about (the NSA, the mind control satellites, quantum cryptanalysis,
and the lizard people) and defend against that, and the fact that a phished
credit card and a commercial CA who'll sell you any cert you ask for can bring
down the whole house of cards is ignored.
So you need some means of deciding what's worth defending against. "Is this
practical" and "would anyone ever bother doing this" are two reasonable
criteria for estimating what's practical.
Peter.
[0] And when I say literally I mean figuratively.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp