[2947] in cryptography@c2.net mail archive
Re: Cisco et. al. to build GAK into routers
daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Jul 13 16:36:48 1998
Date: Mon, 13 Jul 1998 20:53:51 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: Phil Karn <karn@qualcomm.com>
CC: cryptography@c2.net

Phil Karn wrote:
> It merely illustrates a basic security principle we've known for a
> very long time: security mechanisms should always be placed as close
> as possible to the entities that they protect. And to prevent
> conflicts of interest, they should be controlled by the same entities
> whose data they are protecting.

This really is putting it rather mildly. In every case I've analysed, if
it isn't controlled by the owner of the data, it is impossible to
secure. There may be some cunning wrinkle for some corner case that can
work, but "to prevent conflicts of interest" ain't the half of it.

Cheers,

Ben.

--
Ben Laurie |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org/
and Technical Director|Email: ben@algroup.co.uk |
A.L. Digital Ltd, |Apache-SSL author http://www.apache-ssl.org/
London, England. |"Apache: TDG" http://www.ora.com/catalog/apache/
WE'RE RECRUITING! http://www.aldigital.co.uk/recruit/