funsec mailing list archives
IETF Journal: Security Protocol Failures
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Tue, 26 Feb 2008 23:04:20 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Phillip Hallam-Baker writes in The IETF Journal (Volume 3 Issue 3 - December 2007): [snip] The Internet is insecure, so what went wrong? Contrary to widely held belief, the reasons for Internet security protocol failure are not primarily technical. Failure to understand the risk model and to meet the actual user requirements are much more significant causes of security failure. The economics of security protocol deployment and security usability engineering are also key: a protocol might as well not exist if it is not used. [snip] Much more here: http://www.isoc.org/tools/blogs/ietfjournal/?p=176 Very much worth a read. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHxJrxq1pz9mNUZTMRAj7jAJ9H9JOYKC4ihMSzxMtnokbkGm46cwCfQ0te dOlYuPdTmfzQWNk0Eeds34Y= =XQAR -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- IETF Journal: Security Protocol Failures Paul Ferguson (Feb 26)