From: Brad Templeton (brad@templetons.com)
Date: Sun Jul 19 1998 - 02:47:28 CDT
On Sun, Jul 19, 1998 at 03:09:54AM -0400, John Moreno wrote:
> Brad Templeton <brad@templetons.com> wrote:
>
> > On Sat, Jul 18, 1998 at 01:03:37AM -0400, John Moreno wrote:
> > > And what if it is the collapser who is doing the rewriting - all you can
> > > do is eventually discover that it was forged, you can't keep it from
> > > propagating, because it's the people/sites that you "trust" doing it.
> >
> > Yes, that is what trust means. You don't pick people you think are
> > going to break the trust. And you take comfort in the fact that all
> > activities are signed, so nobody can violate the trust in secret.
>
> Which is exactly what David said - it doesn't prevent abuse it simply
> offers a opportunity to track it.
"It doesn't prevent abuse" in the same sense that only giving your
sysadmin the root password doesn't prevent abuse and just lets you know
it was your admin if the root pw was abused.
In other words, I disagree. Only giving permission to people you trust
is not an absolute assurance against abuse, but it definitely prevents it,
and is by and large the way the world works.