[3564] in cryptography@c2.net mail archive
Re: log files (was: Re: dbts: Cryptographic Dog Stocks, The
daemon@ATHENA.MIT.EDU (Bill Frantz)
Thu Oct 29 14:45:51 1998
In-Reply-To: <3.0.1.32.19981028153554.00a4cc3c@pop.bos.platinum.com>
Date: Thu, 29 Oct 1998 00:55:49 -0800
To: Hal Lockhart <Harold.Lockhart@platinum.com>,
Steve Bellovin <smb@research.att.com>
From: Bill Frantz <frantz@netcom.com>
Cc: Vin McLellan <vin@shore.net>, Robert Hettinga <rah@shipwright.com>,
cryptography@c2.net, cypherpunks@cyberpass.net, dbs@philodox.com,
e$@vmeng.com
At 12:35 PM -0800 10/28/98, Hal Lockhart wrote:
>2) (Future) Allow only strongly authenticated users. Either a) they are
>legitimate users whose identity is known and will presumably not try to
>hack the system, or b) they are attackers who have done something like
>steal the key of a legitimate user. In the later case, I admit you might
>want to see what they are typing, but it will not give you any information
>about the underlying problem -- their ability to obtain unauthorized keys.
There is a long history of legitimate users who attempt to exceed their
authorization. Double agents in the intelligence community and embezzlers
in the commercial world both come to mind.
-------------------------------------------------------------------------
Bill Frantz | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506 | thing right, but did know | 16345 Englewood Ave.
frantz@netcom.com | the century would end. | Los Gatos, CA 95032, USA
