security

James A. Donald jamesd at echeque.com
Tue Oct 24 04:21:48 UTC 2006


Scott Kveton wrote:
 > Can folks give me an example of something that was
 > completely secure from day one and that got
 > wide-spread adoption?

SSH was designed to be completely secure from day one,
and except for the usual bugs, was.

In contrast, we have *never* entirely succeeded in
retroactively cobbling security on top of a protocol
that was not designed from the beginning to be secure -
in particular, secure modes for telnet, the primary
competitor of SSH, never really worked.

Because SSH has only one mode, and that mode secure, the
user will seldom see an "are you sure" dialog, and is
therefore not trained to click through that dialog.

As "Practical Cryptography" tells us:
: :	Systems can rarely be developed from scratch,
: :	and often need to be secured incrementally or
: :	after development.  Systems need to be
: :	backward compatible with existing insecure
: :	systems.  Both of us have designed many
: :	security systems under these constraints, and
: :	we can tell you it is practically impossible
: :	to build a good security system that way


