Read Bruce Schneier's Applied Cryptography was Re: One more
time, SSL vs GPG
S. Alexander Jacobson
alex at alexjacobson.com
Thu May 19 12:27:51 EDT 2005
I've read the book. I understand crypto well enough. Perhaps you
could answer a simple question:
If I query Hackage for a package URL, what assurance do I have that
the URL I receive is actually correct?
Note, I am NOT asking how you authenticate the content retrieved from
that URL. I am asking how you know the URL itself is correct?
S. Alexander Jacobson tel:917-770-6565 http://alexjacobson.com
On Thu, 19 May 2005, Shae Matijs Erisson wrote:
> "S. Alexander Jacobson" <alex at alexjacobson.com> writes:
>> GPG secures documents, not interactions.
>> SSL secures interactions, not documents
>> Hackage is an interaction not a document.
>> Therefore, SSL can secure Hackage, but GPG can't.
> I suggest you read Bruce Schneier's book Applied Cryptography.
> I hope that will unconfuse you.
> For more information on the book - http://schneier.com/book-applied.html
> It's an excellent book, I read it when I had a job implementing RFC3161.
> It seems I've been living two lives. One life is a self-employed web developer
> In the other life, I'm shapr, functional programmer. | www.ScannedInAvian.com
> One of these lives has futures (and subcontinuations!)| --Shae Matijs Erisson
> Libraries mailing list
> Libraries at haskell.org
More information about the Libraries