Subject: Policy-Discussion
List archive
- From: "Peter Williams" <home_pw AT msn.com>
- To: cacert-policy AT lists.cacert.org
- Subject: RE: ***Spam*** Re: [CAcert-Policy] What is CAcert's mission?
- Date: Tue, 21 Feb 2006 10:54:06 -0800
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
From: Philipp Gühring
<pg AT futureware.at>
Reply-To: Policy-Discussion
<cacert-policy AT lists.cacert.org>
To: Policy-Discussion
<cacert-policy AT lists.cacert.org>
Subject: ***Spam*** Re: [CAcert-Policy] What is CAcert's mission?
Date: Thu, 16 Feb 2006 22:29:17 +0100
(Take a look at PKCS#11 for example, to see how bad non-quality controlled
infrastructure can totally cannibalize the given standards)
Best regards,
Philipp Gühring
This is why I have such respect for Microsoft - not contempt, as many folks express. As an engineer, one can work in the Apple-style camp (good hardware made by yourself, OS made by you self, windows manager made by yourself, apps made by yourself, third party apps that you (used to) certify for quality), or the Windows camp (god knows what hardware crap is underneath, god know what drivers someone stuck above the HAL to customize the OS's use of hardware, only god know what apps are running on the OS whose install scripts changed the versions of the middleware libs, and noone knows how to test/fix such a thing except by using the "smell tests" built up over years of experience with the 80/20 rule.)
Addressing security in the 80/20 rule environment is a engineering challenge.
But at least we NOW have TPMs to rely upon, DONT WE- and, we NOW have TPMs that not only control the motherboard's processed programs to meet "integrity policy", not only do we also have virtualized TPMs built int the sever cores for controlling virtual machines' integrity mandates, TPM profiles can now ALSO control "offboard" storage/procesing on your USB/bussed devices such as memory sticks- the so-called "secure storage" concept.
Bye bye key escrow, welcome "'Secure' storage".
Bye bye GAK certs required to get a crypto key, welcome to TPM built into every "storage" device, enforcing "policy". Your policy? or theirs? is the interesting question.
What does that "policy" do, and who sets it? You, or "them"?
"Secure storage" - a euphamism, perhaps, for the _policy_ of key escrow - i.e. infrastucture faciltating _covert_ access to communications and data?
- Re: [CAcert-Policy] What is CAcert's mission?, Ian G, 02/16/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Peter Saint-Andre, 02/16/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Ian G, 02/16/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Peter Saint-Andre, 02/16/2006
- ***Spam*** Re: [CAcert-Policy] What is CAcert's mission?, Philipp Gühring, 02/16/2006
- Re: ***Spam*** Re: [CAcert-Policy] What is CAcert's mission?, Peter Saint-Andre, 02/16/2006
- RE: ***Spam*** Re: [CAcert-Policy] What is CAcert's mission?, Peter Williams, 02/21/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Duane, 02/21/2006
- ***Spam*** Re: [CAcert-Policy] What is CAcert's mission?, Philipp Gühring, 02/16/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Peter Saint-Andre, 02/16/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Ian G, 02/16/2006
- Re: [CAcert-Policy] What is CAcert's mission?, Peter Saint-Andre, 02/16/2006
Archive powered by MHonArc 2.6.16.