[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Restricted storage
From: |
Bas Wijnen |
Subject: |
Re: Restricted storage |
Date: |
Thu, 1 Jun 2006 17:39:03 +0200 |
User-agent: |
Mutt/1.5.11+cvs20060403 |
On Thu, Jun 01, 2006 at 05:18:17AM -0400, Jonathan S. Shapiro wrote:
> > It's obvious that nobody else can read it, so no verification is needed
> > for that either.
>
> Statements of the form "It's obvious that..." have absolutely no place
> in engineering design discussions. Either there is a principled argument
> that can and should be clearly stated, or it really isn't obvious.
Ok. I am a user. I have confidence that the machine works, in particular the
TCB. I ask the TCB to give me, and nobody else, some opaque storage. I get
storage from the TCB.
How is it not obvious that nobody else can read this storage? The only weak
point in the argument in my trust in the TCB, but I'm going to need that, no
matter how I design it.
Thanks,
Bas
--
I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
- Re: Restricted storage, Bas Wijnen, 2006/06/01
- Re: Restricted storage, Bas Wijnen, 2006/06/01
- Re: Restricted storage, Jonathan S. Shapiro, 2006/06/01
- Re: Restricted storage, Marcus Brinkmann, 2006/06/01
- Re: Restricted storage, Jonathan S. Shapiro, 2006/06/01
- Re: Restricted storage, Bas Wijnen, 2006/06/01
- Re: Restricted storage, Jonathan S. Shapiro, 2006/06/01
- Re: Restricted storage, Bas Wijnen, 2006/06/01