On 05.01.2009 01:00, Eddy Nigg wrote:
Ahhhh dev.security...yes, the forgotten step child of crypto. At times we used to post there (and cross post to crypto) and don't know why crypto became the de-facto list for all CA/SSL/Policy related issues.
Because crypto (including CA) is just a small and very special part of security. For me, security is mostly about preventing others to take over my computer. Apart from the updater depending on SSL, this has nothing to do with crypto, but all with buffer overflows, JS sandbox/caps etc.. In other words, crypto is about secure transfer. Security is about firewalling/protecting my own premises.
FWIW, I read both via NNTP. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
