Hacker News
by cdavidcash 5685 days ago
Re: the crypto questions.

Not only are these just trying to establish if you're in the club or not, but judging from his answers on the DH vs RSA questions (which are not well-formed to begin with), it seems like he's trying to establish if you're in the club that knows the names but has no knowledge of WTF is actually going on in crypto.


I'm the author and I wouldn't say I am a crypto guy, but the conceptual difference between RSA and DH is clear to me, and I defend the proposition that it should be for others in infosec as well.

Can you explain where this is in error?

I can't speak for the parent comment, but saying that "Diffie-Hellman" is a good answer to the problem of establishing a secure channel over an untrusted medium is like saying "plutonium" is a good answer to the problem of submarine propulsion.
It's a category error to those well-versed in cryptography, like "explain the difference between mergesort and recursion" - two unrelated concepts. (Whereas "explain the difference between quicksort and mergesort" is an interesting question.)

Your answer also does not sufficiently differentiate between e.g. key agreement (DH), message authentication ("signing"; HMAC), symmetric encryption (AES), or asymmetric encryption and signing (RSA).
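
An added example, not part of any comment in this thread, showing the distinction drawn above between key agreement (DH) and message authentication (HMAC): bare DH derives a key from whatever public value arrives, while an HMAC tag under a separate key is what rejects a substituted one. The toy group, the function names and the out-of-band `auth_key` are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

# Toy group constructed for this example: far too small for real use.
P = 2**127 - 1   # a Mersenne prime
G = 3

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2   # private exponent in [2, P-2]
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    # Key agreement only: derives a key, says nothing about who sent peer_pub.
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def tag_public(auth_key, pub):
    # Message authentication: HMAC over the public value under a shared key.
    return hmac.new(auth_key, pub.to_bytes(16, "big"), hashlib.sha256).digest()

def authenticated_shared(priv, peer_pub, peer_tag, auth_key):
    # Refuse to derive a key unless the public value carries a valid tag.
    if not hmac.compare_digest(tag_public(auth_key, peer_pub), peer_tag):
        raise ValueError("peer public value failed authentication")
    return dh_shared(priv, peer_pub)

def demo():
    auth_key = secrets.token_bytes(32)   # assumption: agreed out of band
    a_priv, a_pub = dh_keypair()
    b_priv, b_pub = dh_keypair()
    b_tag = tag_public(auth_key, b_pub)
    agree = dh_shared(a_priv, b_pub) == dh_shared(b_priv, a_pub)

    # A third party's public value substituted in transit (constructed).
    _, m_pub = dh_keypair()
    bare_accepts = len(dh_shared(a_priv, m_pub)) == 32   # no error raised
    try:
        authenticated_shared(a_priv, m_pub, b_tag, auth_key)
        auth_accepts = True
    except ValueError:
        auth_accepts = False
    honest = authenticated_shared(a_priv, b_pub, b_tag, auth_key)
    return agree, bare_accepts, auth_accepts, honest == dh_shared(b_priv, a_pub)

if __name__ == "__main__":
    print(demo())
```

Neither primitive encrypts anything here; a symmetric cipher such as AES would be a third, separate component keyed by the agreed secret.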