- From: Graham Klyne <GK@dial.pipex.com>
- Date: Mon, 26 Jul 1999 14:32:46 +0100
- To: Jacob Palme <jpalme@dsv.su.se>
- Cc: discuss@apps.ietf.org, smb@research.att.com
At 11:01 26/07/99 +0200, Jacob Palme wrote:
>The document, like many other security documents, tells too much
>about what will not work, too little on what will work. It seems as
>if security experts are better at telling you that something is
>dangerous or might not be secure, than telling you how to get
>security. I would prefer to get more practical advice with
>recommendations on how to get the security you want.

I think this is a fair comment, that may also reflect the very nature of security.

I am reminded of a little game that is very prevalent on a certain desktop operating system: Minesweeper. (The goal is to uncover a number of hidden mines by stomping on all the squares that do NOT contain mines: to stomp on a mine is sudden death.)

Making systems secure seems a similar kind of activity: experts can tell us where mines are known to exist, but it is both imperative and very difficult to deduce where mines certainly do not exist.

#g
Received on Monday, 26 July 1999 09:34:26 UTC