|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Salut, Maurice Volaski, On Mon, 7 Jul 2008 11:53:17 -0400, Maurice Volaski wrote:Again, I think you're confusing security with a lazy programming practice. We're talking open source here. The perfect oracle is already there, just not in plain English.I'm not talking about exposing information about the source code, which is good, but disclosing information about the key material, which is not nearly as desirable. Please keep that in mind when you re-read my prior mails as you don't seem to have understood it.
Who said the key needs to be exposed to the client's debug log or even the server's? Are you trying to say that fixing this real example of lazy programming, https://bugzilla.mindrot.org/show_bug.cgi?id=1388, is somehow going to expose the key?
-- Maurice Volaski, mvolaski@xxxxxxxxxxxx Computing Support, Rose F. Kennedy Center Albert Einstein College of Medicine of Yeshiva University
[Home] [Fedora Users] [Fedora Legacy] [Fedora Desktop] [Fedora Bible] [Big List of Linux Books] [Yosemite Photos] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]
|
|