Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> You should never, ever, never, nevern, nervenvarn build your own production ECC code.

Well, ultimately, somebody has to.



Sure; Adam Langley, or Daniel Bernstein.


Preferably the latter.


Yeah, but then you get opinionated curves. :)


Luckily, djb's opinions seem to usually be right!


And surely it would be better to have many implementations than a couple?


> And surely it would be better to have many implementations than a couple?

Its probably better to have more qualified people working on (analyzing and validating, particularly) a smaller number of production implementations than fewer people per implementation doing that with a larger number of production implementations.

Encryption is an area where doing one, very precisely defined, task correctly is critically important; the considerations in that domain are different than in many other domains of software.


No, I don't see how that's surely better.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: