On Fri, Feb 12, 2010 at 03:12:30PM +0300, Basil Dolmatov wrote:
...have had much less _published_ cryptographic review... I would say. ;)
I am not a security expert, but I've never met one who thought that
unpublished cryptographic review was worth a dime. Moreover, for the
purposes of the IETF, if something isn't published it might as well
not exist: we have no way of knowing one way or the other.
If you mean "published to a limited and vetted community of
NDA-covered experts", that might yield different conclusions about the
value of the review (depending I guess on how free those experts think
they are to disagree). But it would have no effect on the value of
those reviews for IETF purposes, which just depends on the publication
(and, actually, publication in a language the community can
understand).
I have no feelings about the merits of the algorithm. But there are
too many side issues in this discussion already without us getting
into a battle of whether the review is adequate: the reviews aren't
apparently available as far as this community is concerned,
unfortunately, even if they've been done
A
--
Andrew Sullivan
ajs(_at_)shinkuro(_dot_)com
Shinkuro, Inc.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf