Re: What algorithm should I use?

From: Sam Simpson (sam_at_samsimpson.com)
Date: 08/15/04 

Date: Sun, 15 Aug 2004 11:51:16 +0000 (UTC)

On Thu, 12 Aug 2004 11:11:58 +0000, Tom St Denis scribbled:

> S. Vinder wrote:
>
>> Tom St Denis <tomstdenis@iahu.ca> wrote in message
>> news:<trvSc.375171$rCA1.187671@news01.bloor.is.net.cable.rogers.com>...
>>> S. Vinder wrote:
>>>
>>> > Thank you in advance for any constructive (and hopefully fully
>>> > referenced) comments on both of your statements.
>>>
>>> Is this the part where I tell you to shove it?
>>
>>
>> Well, as I expected, you apparently have nothing sensible and
>> constructive to say. Sorry but your posts make the impression that you
>> are a child (I apologize if you are), or that you like to act like a
>> Usenet troll (if so, I apologize to the others that I've been feeding
>> the troll).
>
> Or it could be I'm tired of writing the same stuff over and over again.
> Usenet seems to have a never ending stream of "new idea" resistant
> jerks....

Build a FAQ, point people to the FAQ.

> Blowfish isn't secure in any sense of the word. Much to the extent that PGP
> isn't secure. Sorry if this comes as a "shock".
>
> What is implied is "can be used securely". But the problem is by laxing
> standards you get "Blowfish is secure therefore Blowfish in ECB mode is
> secure". Or you get "PGP is secure therefore PGP with password "passwd" is
> secure"...

Under the assumption that the private key is kept, erm, private, the use
of a password of "passwd" or even no password can be just fine.