[PP-main] Technical/implementation matters

Andrew Cooke andrew at andrewcooke.free-online.co.uk
Sun Mar 5 22:05:55 CET 2000

At 10:31 AM 3/3/00 -0600, you wrote:
>On Fri, Mar 03, 2000 at 04:05:01PM +0000, Andrew Cooke wrote:
>> [...] No offence, but I would be very
>> wary of a protocol designed by someone else that hadn't had the same level
>> of public scrutiny.  

>I agree that SSL is rather commonly used. However, the system we're making
>works quite well, and is based on implementations that have been publicly
>scrutinized for quite some time, and are also patent free, namely Twofish and
>ElGamal, with the majority of code taken directly from GPG.
>Take a look at our Flux library, http://projects.simplemente.net/flux/ if
>you're interested.

I was interested, but the links for documentation on Cryptography and
Entropy didn't exist.  You might be using recognised ciphers, but If you
haven't yet documented the protocol I don't think that you can argue that
it has been under much public scutiny.  How do you deal with
man-in-the-middle attacks using address spoofing, for example?



More information about the Peerpress-main mailing list