Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Wasn't that more of "don't implement crypto yourself" than "don't use AES" though?


Indeed. Which carries through to this: If you're telling your users that you use {lower_level_crypto}, either you really mean "we're using GPG", and you should say that, or you rolled your own and you're violating the aforementioned suggestion.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: