[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Monotone Security
From: |
Ethan Blanton |
Subject: |
Re: [Monotone-devel] Monotone Security |
Date: |
Thu, 16 Oct 2008 14:01:08 -0400 |
User-agent: |
Mutt/1.5.17+20080114 (2008-01-14) |
Daniel Carrera spake unto us the following wisdom:
>> All security has to go in the *recipient*, because the
>> sender could be completely malicious.
>
> Of course. Every check I have suggested has been server-side
> (recipient). The client (sender) is completely malicious.
The server isn't (necessarily) a trusted entity. When you grok that,
perhaps your positions will change. :-)
Ethan
--
The laws that forbid the carrying of arms are laws [that have no remedy
for evils]. They disarm only those who are neither inclined nor
determined to commit crimes.
-- Cesare Beccaria, "On Crimes and Punishments", 1764
signature.asc
Description: Digital signature
- Re: [Monotone-devel] Monotone Security, (continued)
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Jack Lloyd, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Jack Lloyd, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Nathaniel Smith, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Thomas Keller, 2008/10/17
- Re: [Monotone-devel] Monotone Security, Zack Weinberg, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security,
Ethan Blanton <=
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Zack Weinberg, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carrera, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Daniel Carosone, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Jack Lloyd, 2008/10/16
- Re: [Monotone-devel] Monotone Security, Markus Wanner, 2008/10/17
- [Monotone-devel] hypothetical - future-dated certs (Re: Monotone Security), Daniel Carosone, 2008/10/19
- [Monotone-devel] Re: hypothetical - future-dated certs (Re: Monotone Security), Markus Wanner, 2008/10/20
- Re: [Monotone-devel] Re: hypothetical - future-dated certs (Re: Monotone Security), Daniel Carosone, 2008/10/20
- Re: [Monotone-devel] Re: hypothetical - future-dated certs (Re: Monotone Security), Markus Wanner, 2008/10/20