Re: Read Bruce Schneier's Applied Cryptography was Re: One more time, SSL vs GPG

19 May 2005

      I've read the book.  I understand crypto well enough.  Perhaps you 
could answer a simple question:

   If I query Hackage for a package URL, what assurance do I have that
   the URL I receive is actually correct?

Note, I am NOT asking how you authenticate the content retrieved from 
that URL.  I am asking how you know the URL itself is correct?

-Alex-

______________________________________________________________
S. Alexander Jacobson tel:917-770-6565 http://alexjacobson.com

On Thu, 19 May 2005, Shae Matijs Erisson wrote:
...
"S. Alexander Jacobson"  writes:
...
GPG secures documents, not interactions.
SSL secures interactions, not documents
Hackage is an interaction not a document.
Therefore, SSL can secure Hackage, but GPG can't.
I suggest you read Bruce Schneier's book Applied Cryptography.
I hope that will unconfuse you.
For more information on the book -  http://schneier.com/book-applied.html
It's an excellent book, I read it when I had a job implementing RFC3161.
-- 
It seems I've been living two lives. One life is a self-employed web developer
In the other life, I'm shapr, functional programmer.  | www.ScannedInAvian.com
One of these lives has futures (and subcontinuations!)|  --Shae Matijs Erisson
_______________________________________________
Libraries mailing list
Libraries@haskell.org
http://www.haskell.org/mailman/listinfo/libraries