W3C home > Mailing lists > Public > www-ws-arch@w3.org > June 2002

Re: proposed AC018 rewording

From: Mark Baker <distobj@acm.org>
Date: Thu, 20 Jun 2002 13:46:21 -0400
To: kreger@us.ibm.com
Cc: www-ws-arch@w3.org
Message-ID: <20020620134621.O24518@www.markbaker.ca>

Hi Heather,

On Thu, Jun 20, 2002 at 01:02:10PM -0400, kreger@us.ibm.com wrote:
> I don't understand your conclusion.
> Why would requiring security to be easily manageable reduce security?  And
> what do you mean by reduce security?

This is what I sent to Roger off-line;

I just meant that making it manageable does some things that are known
to cause security problems, even with the best of intentions of not doing
so.  Things such as;
  
- supplying an additional interface, which provides an additional point of
attack
- requires that security code be augmented with manageability code, which
reduces security purely by providing more code in which security bugs can
appear

There might be others, but those are the two biggies.

> Having it be in the management goal does not remove the requirement that
> security be manageable.

Right.  But if, for example, the group agreed that requiring security to
be manageable was too great of a security risk, then we could still say
that we met our security goal.

MB
-- 
Mark Baker, CTO, Idokorro Mobile (formerly Planetfred)
Ottawa, Ontario, CANADA.               distobj@acm.org
http://www.markbaker.ca        http://www.idokorro.com
Received on Thursday, 20 June 2002 13:36:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 3 July 2007 12:25:00 GMT