[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Design principles and ethics
From: |
Bas Wijnen |
Subject: |
Re: Design principles and ethics |
Date: |
Wed, 3 May 2006 22:03:37 +0200 |
User-agent: |
Mutt/1.5.11+cvs20060403 |
On Wed, May 03, 2006 at 12:16:09PM -0600, Christopher Nelson wrote:
> So the basic security argument that is being made is that:
>
> A) There is a set of programs (services) that are under no one's
> authority, these constitute the TCB.
>
> B) There is a primordial arena that is opaque to everyone, from whence a
> user session is generated.
>
> C) The user has complete control of their own session, which means the
> implicit ability to examine and/or change all code and data to which the
> session has access.
>
> Is this correct?
Yes, I think so.
Note that this ability to examine and/or change doesn't have to be easy. For
example, it's useful to make it hard to change the password other than through
a secure method. Here secure means that you cannot mess up in a way that
leaves your session unreachable. However, "hard" is not "impossible". :-)
Thanks,
Bas
--
I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
- Re: Design principles and ethics, (continued)
- Re: Design principles and ethics, Pierre THIERRY, 2006/05/03
- Re: Design principles and ethics, Bas Wijnen, 2006/05/04
- Re: Design principles and ethics, Pierre THIERRY, 2006/05/04
- Re: Design principles and ethics, Bas Wijnen, 2006/05/04
- Re: Design principles and ethics, Pierre THIERRY, 2006/05/04
- Re: Design principles and ethics, Bas Wijnen, 2006/05/04
- Re: Design principles and ethics, Pierre THIERRY, 2006/05/05
- Re: Design principles and ethics, Bas Wijnen, 2006/05/05
Re: Design principles and ethics, Marcus Brinkmann, 2006/05/04
RE: Design principles and ethics, Christopher Nelson, 2006/05/03
- Re: Design principles and ethics,
Bas Wijnen <=
RE: Design principles and ethics, Christopher Nelson, 2006/05/04
RE: Design principles and ethics, Christopher Nelson, 2006/05/04
RE: Design principles and ethics, Jonathan S. Shapiro, 2006/05/05