We have to assume that software engineering police exist, working undercover. For example, http://www.bbc.com/news/uk-26478149
That is, it is the mission of some on your team, some in your open source community, not to act per the community purpose (while professing that they do). They are there to subvert (and to get code inserted that allows crypto compromise).
Subversion in open systems, and public trust: how to deal with it?
Cryptome distributes a draft of a book that fails to address the topic. It does engage in a 100-page rant…against PKI.
Key management is hard. Key management for 5 billion people and even more devices is very hard (and has never been done before). A lot of the book rants against the PKI concept – for the internet – designed nearly 15-20 years ago (as reflected, still, today). That said concept has evolved from THEN to NOW is a testament to the architecture. The world looked different back then!
Peter is a good designer. But he fails to address the topic: that the engineering process, like the standards process, is SUBVERTED from within. It's NOT SUPPOSED TO WORK, dummy! (It's supposed to be spied upon, covertly.)