Hacker News
by sarciszewski 3785 days ago
> If you just want to get data from A to B over the network, TLS 1.2 (but upgrade to 1.3 when it's ready).

Right. If you're not using TLS for your network communications, then your communications are not secure.

Some people also have other requirements (e.g. "I need to store SSNs, how can I encrypt them and still be able to search by them in MySQL?") which require separate app-layer crypto. In those situations, don't roll your own. :)

> Probably still worth hiring an expert to make sure you're doing it right but you have less chance of shooting yourself in the foot than if you try and roll your own.

Agreed.

> Sometimes I think if cryptographers wrote libraries that the rest of us could use and "just work", security worldwide would improve.

Ah yes, boring cryptography. :)

> Bernstein's NaCl and the derived libsodium is a good starting point though.

Strongly agreed.