lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

David Haley wrote:

Anyhow in order to judge your protocol, you need to specify what kind of attacks you're trying to protect against, if any, and what level of security failure is tolerable. You pointed out that security is always a compromise, but there's SSL's compromise and then there's this compromise. :-)

As a final note before I think this topic should be taken away from the Lua list, if you're curious, check out some of the slides at:
The first slides, 'Introduction', cover the Needham-Schroeder protocol which is a good example of a security flaw having nothing to do with cryptography.