undefined | Better HN

0 pointsX-Istence13y ago0 comments

Except that to implement TLS for example you NEED to type OpenSSL into your code, and to set the allowed ciphers for the connection you need to type AES.

I agree with you that Keyczar is good to use for certain use cases, but that isn't always the case. Instead of always telling us to use Keyzcar how about showing us how to use the primitive libraries more correctly to have secure applications YET at the same time allow us developers to have the flexibility to use them as we need to use them for compatibility with other implementations or with government requirements (for those of us in the gov't contracting world).

You are in the unique position that you have seen all of the mistakes and know how to avoid them and thus could help developers avoid those mistakes as well.

0 comments

3 comments · 1 top-level

tptacek13y ago· 2 in thread

If you're implementing TLS using OpenSSL, you aren't using it to do custom crypto for your app.

No, I don't think I'll be spending time trying to help people roll safe custom crypto by hand using the primitives in OpenSSL. For one thing: I'm nowhere close to confident that I know enough to make recommendations like that.

X-IstenceOP13y ago

So don't tell us how to use the primitives, tell us in high level overview of common mistakes that are made so that we can watch out for those. Some of us simply don't have the luxury of using Keyczar.

You are well respected when it comes to the field of crypto in this community, you have a lot of knowledge that comes with that, and I believe sharing that knowledge would be more beneficial than just saying "Use Keyczar". Sometimes that one tool just doesn't fit the bill and or can't be used due to contractual obligations/constraints. Even if you are not confident to make a recommendation of how to use OpenSSL securely you can at least say "These are the top 5 mistakes I see" and "Typing A-E-S into your code" can be on that list, but it isn't very constructive.

tptacek13y ago

Getting people not to make dumb crypto mistakes, by getting them to either (a) not write crypto code in the first place, or (b) if they have to encrypt stuff, to use GPG to do it, or (c) at the very least, to use a library interface that has been bulletproofed like Keyczar or cryptlib --- that seems way more productive than leading people down a garden path of the individual flaws I know how to test for, and letting them think they're secure.

j / k navigate · click thread line to collapse