Flexibility leads to complexity and complexity is the enemy of security, so it's a shame that many security-related systems and APIs seem to themselves be designed with maximum flexibility in mind


Here's Niels Ferguson and Bruce Schneier's paper from 2000 where they dedicate about a quarter of the paper to ranting about how IPsec is too damned complicated

I'm looking forward to Wireguard coming out of alpha. It's so beautifully simple.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!