[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to

To: "martin.rex@xxxxxxx" <martin.rex@xxxxxxx>, Mark Brown <mark@xxxxxxxxxxxxxxxxxxxx>
Subject: RE: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to
From: Stefan Santesson <stefans@xxxxxxxxxxxxx>
Date: Thu, 11 Jan 2007 19:39:24 +0000
Accept-language: en-US
Acceptlanguage: en-US
Cc: "tls@xxxxxxxx" <tls@xxxxxxxx>
In-reply-to: <200701111908.UAA01228@xxxxxxxxxxxxxxxxxxx>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <015d01c735aa$8dc8d490$6801a8c0@xxxxxxxxx> from "Mark Brown" at Jan 11, 7 12:01:38 pm <200701111908.UAA01228@xxxxxxxxxxxxxxxxxxx>
Thread-index: Acc1tP+dcoAzNarxQ1iYDP01JCX1BQAAeKMw
Thread-topic: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to

> A well engineered approach would not use a shotgun approach to
> security, but instead a tailored design that meets exactly
> the needs of the application, can be used for programmatically
> checking consistency an can create digital tamper-resistant
> proofs of transactions that contain all and only the necessary
> information that is necessary -- in which case it will be
> possible make it conforming with individual, case-specific
> legal and buisiness requirements.
>

Yes, don't we all wish we had that. Especially that we could agree on what "all and only the necessary
information that is necessary" is.

Another 10 years will pass before we get there unfortunately. In the meanwhile we will continue to conduct business based on passwords and totally spoofable security. In security, perfect has always been the enemy of the good.


Stefan Santesson
Senior Program Manager
Windows Security, Standards



_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to
  - From: Martin Rex

References:
- RE: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to
  - From: Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to
  - From: Martin Rex

Prev by Date: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
Next by Date: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
Previous by thread: Re: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to
Next by thread: Re: [TLS] Please discuss: draft-housley-evidence-extns-00 - use to
Index(es):
- Date
- Thread