ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Asrg] DCC and IP checksums

2003-03-12 18:48:26
from [David F. Skoll] [Permanent Link] 
On Wed, 12 Mar 2003, Hallam-Baker, Phillip wrote:


I don't trust sandboxes either.
But I do trust signed code that has been thoroughly reviewed.


I do not, necessarily.

Signed code is not really more secure than unsigned code, because it
only takes one piece of buggy signed code to open up an exploit.

The problem with PKI is that revocation is not very scalable or
reliable, so old, buggy signed code continues to do damage for a long
time.


We would be talking about a few hundred lines of code here,
not tens of thousands.


Nevertheless, I would still not trust it, and I doubt many other
administrators would either.

--
David.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Random thought, william
Next by Date:  Re: [Asrg] Lets Fix Mailing Lists, mathew
Previous by Thread:  RE: [Asrg] DCC and IP checksums, Vernon Schryver
Next by Thread:  RE: [Asrg] DCC and IP checksums, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]