[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: threshold subjects

Carl Ellison wrote:
> The more I look at real examples, the more valuable Tatu's threshold 
> subject appears.

I think that this is really what threshold subjects are all about -
reflecting real-world experience in the "cyberspace" counterpart.  Now, my
expierence in computer security is limited, but I find the Clark-Wilson
integrity model very attractive simply because it is based on real-world
experience.  Re-inventing the wheel is not always necessary.

> [] AFAIK, this is the cleanest (only?) way to permit the on-line 
> replacement of a root key which has been compromised.

Am I the only one who finds the thought of a singular root key scary?
Surely not? :-)

I would not want to see threshold subjects removed.

Camillo Särs <Camillo.Sars@DataFellows.com>   Data Fellows Ltd.
F-Secure Support
http://www.Europe.DataFellows.com/      Aim for the impossible and you
http://www.iki.fi/ged                   will achieve the improbable