[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: inbound policy verification
> IMHO having a very permissive wildcarded entry at the end of the SPD can be
> slightly risky, from a s/w engineering perspective.
And as was pointed out in one of the "trust" sessions at the Chicago IETF,
such non-monotonic specifications ("everybody except Joe gets to change
the file") are also relatively difficult to formally reason about, because
adding a credential can reduce permissions.
They are, unfortunately, also very useful.
Henry Spencer
henry@spsystems.net
(henry@zoo.toronto.edu)
References: