Re: S/MIME
Ian Clysdale wrote:
> Sorry, I'm going to continue to take a viewpoint that I suspect is
> rather unpopular in this list, and argue for the advantages of weak
> crypto in certain circumstances, when it is KNOWN to be weak. The
> phrase "Poor security is worse than no security" refers to the dangers
> in assuming that your communications are secure, even when they're
> not. If you know that your cryptography is weak, it can still
> sometimes be sufficient for your purposes. What weak cryptography does
There's a good reason this viewpoint is unpopular: it includes the tacit
assumption that strong crypto is harder to do than weak crypto. In fact
that's not the case. It's as fast and easy to do RC4/128 as to do
RC4/40 -- the only extra resource is keying material, which is cheap.
The <only> reason to use weak cryptography is political.
I'll also challenge your "If you know that your cryptography is weak" meme:
most people have no idea what cryptography is, and at best can look at the
little key to see if they're on a secure page. Explaining to them that they're
not really secure is normally possible in a one-to-one tutorial, but most
people just want to get their work done, and if the program says they're now
in secure mode, they'll feel free to send their SSN/SIN/NID and their HIV
status. They <don't> know their cryptography is weak, even if you tell them.
Bad idea! Bad!
--
Jim Gillogly
14 Blotmath S.R. 1997, 18:27
12.19.4.11.12, 1 Eb 10 Zac, Seventh Lord of Night
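
Added example, not part of the original message: a small RC4 implementation that counts state swaps, to show the point made above that a 128-bit key costs the cipher the same work as a 40-bit key and differs only in keying material. The two sample keys and the function names are constructed for this illustration.

```python
# Added illustration: RC4 with a swap counter, comparing 40-bit and 128-bit keys.

def rc4_keystream(key: bytes, n: int):
    """Return (n keystream bytes, number of state swaps performed)."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    s = list(range(256))
    swaps = 0
    j = 0
    # Key scheduling: always 256 iterations. The key is only read modulo
    # its length, so a longer key adds no iterations.
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
        swaps += 1
    # Output generation: one swap per byte; the key is no longer involved.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        swaps += 1
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out), swaps

def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation) by XOR with the keystream."""
    ks, _ = rc4_keystream(key, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def compare(n: int = 4096) -> dict:
    """Cipher work and brute-force keyspace for a 40-bit vs a 128-bit key."""
    key40 = bytes.fromhex("0102030405")                         # constructed sample key
    key128 = bytes.fromhex("0102030405060708090a0b0c0d0e0f10")  # constructed sample key
    _, work40 = rc4_keystream(key40, n)
    _, work128 = rc4_keystream(key128, n)
    return {
        "swaps_40": work40,
        "swaps_128": work128,
        "extra_key_bytes": len(key128) - len(key40),
        "keyspace_ratio": 2 ** (8 * len(key128)) // 2 ** (8 * len(key40)),
    }

if __name__ == "__main__":
    print(compare())
```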