[VOIPSEC] Soft Phone Vulnerabilities
Michael Slavitch
slavitch at gmail.com
Thu Jun 15 11:02:59 CDT 2006
I am speaking for myself on this matter, period. This is my personal email
address. Like in standards bodies the assumption that the opinion is
personal is usually obvious. Again, I am speaking for myself.
"The Blame Will Fall On Skype"
Exactly. That is my whole point. That is a powerful motivator.
1. Your job is to help eBay get it right and have eBay trusts you and
Verisign.
2. eBay's job is to get customers and businesses to trust them.
3. My job is to get enterprises to trust the use of Skype inside their
businesses.
How you do your job is your business, how eBay does it's job is it's
business, and how I do my job is my business.
I am not sure where open peer review falls into this equation when the trust
is with the organization and the individual, not the protocol.
I trust them to get it right, because it will be their fault, far more than
I trust impementations of open systems where the stakes are low.
And I agree with you that SSL1.0 was easy to break. I'm glad you broke it.
I am sure that similarly smart people are being challenged to break Skype.
Regards
Michael
More information about the Voipsec
mailing list