“PKI-me-harder”

The saag list has a thread discussing “SHA-1 to SHA-n transition”, with all the expected bumps, wrinkles, and sad realities. But entertaining and thoughtful. My favorite comment at the moment is one of Peter Gutmann’s:

It looks like we’re nowhere near admitting that we have a
problem yet if the response to the failure of PKI is PKI-me-harder.

It’s a little like the problem of building a boat in your basement, and then seeing you can’t get it out. Is this a design issue, a deployment issue, or have we fundamentally misunderstood the project? (Once you add local zoning and construction regulations, it’s not long before you wish you’d never started this damn boat.)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s