Steven Jenkins said:
> But let me put the burden of proof back on you. Can you name a single
> acknowledged security expert who says "the first rule of security is not
> to talk about security". I can find plenty who say the opposite.

I believe all Lothar was trying to say is that on an academic level it's
very right and proper to talk openly about security concepts, practices,
etc and to learn from each other, but as a commercial company hoping to
protect IP it's probably not wise to go about volunteering information
about your specific security mechanisms.

That's my read on it, anyway.

Thanks,
John