[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI QUESTIONS: 2.6 Formal proofs of security
I would like to see a good analysis of the protocol done. That's
valuable.
'Proofs' don't convince me personally, and could conceivably mislead
the uninitiated. As Andrew pointed out, a proof finds only the
problems you're looking for. Maybe I'm just not enough of a
cryptographer or academic to be convinced of the value of the proofs
in security... I'd rather see a protocol analysis.
jan
On Thu, 20 Jun 2002, Theodore Ts'o wrote:
>
> Please discuss and answer this question.....
>
> 2.6 Formal proofs of security
>
> 2.6.) Does SOI need to provide a formal proof of security? (Is this
> a "must have" or a "nice to have"? What are we willing to trade-off
> for having a formal proof of security?)
>
> Implications from the Scenarios:
>
> [none]
>
--
Jan Vilhuber vilhuber@cisco.com
Cisco Systems, San Jose (408) 527-0847
http://www.eff.org/cafe