[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Other *-forms for dates and times, and love

To: bt0008@sbc.com, rivest@theory.lcs.mit.edu, bryce@digicash.com, frantz@netcom.com
Subject: Re: Other *-forms for dates and times, and love
From: "Brian M. Thomas" <bt0008@entropy.sbc.com>
Date: Wed, 9 Apr 1997 07:09:38 -0500 (CDT)
Cc: spki@c2.net
Sender: owner-spki@c2.net


> 
> However, if the verifier allows me to read your private mail, there is
> nothing which prevents me from spamming it across the universe, or more
> likely, forwarding copies to badguys.org.
> 

The point being, of course, that once you have the information, it's no
longer necessary to read my files, because it's now in your files, so
that no permission scheme I implement can control it.

This will always be the upper bound on all security schemes:  not the
trust mechanism, but the appropriateness of the trust-granting choices,
which is not at all a technical matter.  The schemes we implement are
targeted at enforcing our choices, not proving that they are wise ones.

brian


Brian Thomas, CISSP - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162

Follow-Ups:

Re: Other *-forms for dates and times, and love

From: Bill Frantz <frantz@netcom.com>

Prev by Date: Re: Other *-forms for dates and times, and love
Next by Date: Re: Certs
Prev by thread: Re: Other *-forms for dates and times, and love
Next by thread: Re: Other *-forms for dates and times, and love
Index(es):
- Main
- Thread