Re: what are realistic threats?

• To: tmplee@mr.net (Theodore M.P. Lee), www-security@ns1.rutgers.edu
• Subject: Re: what are realistic threats?
• From: hallam@dxal18.cern.ch
• Date: Thu, 29 Sep 94 11:07:46 +0100
• Cc: hallam@dxal18.cern.ch
• In-Reply-To: Your message of "Wed, 28 Sep 94 15:34:12 CST." <199409282032.PAA03101@riverside.mr.net>
• Reply-To: hallam@dxal18.cern.ch

>OK.  What about trojan horses in
>a) ncsa mosaic?
>b) ghostview?
>c) any or all of X?
>d) an http server?
>e) emacs/wordperfect/ms word?
>f) etc etc

This is why I think we need a standalone certificate scheme. The program may
reside on any server but has a certificate signed by the producer. Although
single rooted authentication hierarchies have problems most people would trust
the signature if signed by USGovt, MIT, W3O, AMEX and Peter Wright.

Phill. 

• Re: what are realistic threats?
• From: Karl Auerbach <karl@cavebear.com>
• Re: what are realistic threats?
• From: Larry Masinter <masinter@parc.xerox.com>

• re: what are realistic threats?
• From: tmplee@mr.net (Theodore M.P. Lee)

• Previous: Re: what are realistic threats
• Next: re: what are realistic threats
• Index(es):
  • Index
  • Thread