
Re: what are realistic threats?



[Sorry about earlier blank posting, network prob.]

To summarise Tim's post:

* Each user chooses their own authentication hierarchy by compositing other
	hierarchies.


Within this general idea I think we need to expand just a little :-

* For user, read party. Organisations may have their own corporate systems of
	trust. If I sign a document to be paid for by CERN they will want their
	system of trust to be applied.

* Trust is context dependent. I may trust Joe not to send me a duff RFC but
	not trust him an inch with money.

* Trust is limited, I may trust Joe to $10 and AMEX to $1000. 

But just to complicate matters:

* I almost certainly want to keep my personal system of trust private. I do
	not want Joe to know that I don't trust him. We cannot arbitrate simply
	by sending out our trust mapping to others. 

	Phill.



