Date: Tue, 9 Mar 1999 23:54:38 -0800
Message-Id: <199903100754.XAA00502@awe181-20.>
From: Frank Yellin <fy@awe181-20.Sun.COM>
To: java-security@java.sun.com
Subject: Don't believe anything I write after 11pm
I seem to be massively misreading ECB for CBC and vice versa.
The test code that I wrote several weeks ago that I thought let me use CBC
for decryption without an AlgorithmParameters. . . .
I double checked. I misread. It was ECB.
My confusion over the Alice/Bob Key Agreement code is what tipped me off.
I was certain that it also used CBC. And I was certain that I copied it.
I'm still, like David, bothered by the non-WORA aspect.
I assumed that the purpose of different providers (and I think I read this
somewhere!) was that one provider might have a higher security rating,
or faster algorithms, or provide a wider variety of algorithms.
I didn't think that they were allowed to give different answers to the
same question. Users will be surprised once they have multiple providers.
== Frank