BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Why the dislike of X.509?
- Subject: [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Tue, 26 Aug 2014 13:17:54 -0400
- In-reply-to: <b1c57a406ed7a4dd35ca5dd248dffb1f.squirrel@mail.mohawksoft.com>
- References: <53F9F6B9.4060505@stephenadler.com> <20140824161132.GE14848@randomstring.org> <be314521ab6bebb6add54d706b042f01.squirrel@mail.mohawksoft.com> <53FA1C3B.70908@gmail.com> <53FB19E5.4080602@aeminium.org> <53FB4A5D.2030305@gmail.com> <CA+h9Qs5GnC6d1ejBQC=crtHwxoDiFWo4Kn+xjt0eiA8Kr733_A@mail.gmail.com> <53FB70E6.50706@gmail.com> <CA+h9Qs5THPNEir7tLZNjzLWMpod=9UGWTSCeZS2nCwVY0Ox=-w@mail.gmail.com> <53FB7F0A.40105@gmail.com> <253113e101a6fc1b75e160dfbd3d0dbe.squirrel@mail.mohawksoft.com> <53FB9325.9010200@gmail.com> <a7c1366d330261e2ee4906c8d08d0b94.squirrel@mail.mohawksoft.com> <53FB9E7A.5030808@gmail.com> <946844bdd8420720147712d216f1c037.squirrel@mail.mohawksoft.com> <53FCA1DD.60604@gmail.com> <b1c57a406ed7a4dd35ca5dd248dffb1f.squirrel@mail.mohawksoft.com>
On 8/26/2014 1:01 PM, markw at mohawksoft.com wrote: > There is no such thing as a security system that has "one" entity, well, > perhaps a stone or a brick. There is *always* at least one mechanism that > protects and one mechanism that provides access. An example is a code signing key. In a shared system, many agents possess copies of this key. Each agent is an entity. Each of these entities is a single point of compromise. In a distributed system, the code signing key is split and distributed among several agents. Again, each agent is an entity. Since no one entity has the entire key the compromise of one entity cannot compromise the whole key and thus the whole system. Does the explanation make sense? -- Rich P.
- Follow-Ups:
- [Discuss] Why the dislike of X.509?
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] Why the dislike of X.509?
- References:
- [Discuss] vnc
- From: adler at stephenadler.com (Stephen Adler)
- [Discuss] vnc
- From: dsr at randomstring.org (Dan Ritter)
- [Discuss] vnc
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] vnc
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] vnc
- From: nuno at aeminium.org (Nuno Sucena Almeida)
- [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Why the dislike of X.509?
- From: jabr at blu.org (John Abreau)
- [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Why the dislike of X.509?
- From: jabr at blu.org (John Abreau)
- [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Why the dislike of X.509?
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Why the dislike of X.509?
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Why the dislike of X.509?
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] Why the dislike of X.509?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Why the dislike of X.509?
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] vnc
- Prev by Date: [Discuss] Why the dislike of X.509?
- Next by Date: [Discuss] Why the dislike of X.509?
- Previous by thread: [Discuss] Why the dislike of X.509?
- Next by thread: [Discuss] Why the dislike of X.509?
- Index(es):
