- From: <franklin.reynolds@nokia.com>
- Date: Mon, 8 Apr 2002 04:16:02 -0400
- To: <GK@ninebynine.org>, <me@aaronsw.com>
- Cc: <reagle@w3.org>, <www-rdf-interest@w3.org>
I think I must not understand some important point of Joseph's proposal. It seems to me that: a. DNS spoofing would be a reasonable way to attack access to the content named by the reputation server or access to the reputation server itself. b. the reputation server might not be trustworthy (I am not talking about the ability to "game" the reputation server, I am talking about a dishonest reputation server) Franklin Reynolds > -----Original Message----- > From: ext Graham Klyne [mailto:GK@ninebynine.org] > Sent: Saturday, April 06, 2002 1:29 AM > To: Aaron Swartz > Cc: Joseph M. Reagle Jr.; RDF-Interest > Subject: Re: Think Piece: Key Free Trust in the Semantic Web > > > At 09:51 PM 4/4/02 -0600, Aaron Swartz wrote: > >MITM can occur in the static document scenario, if you > imagine the Man > >sitting at your ISP, slyly rewriting all the crypto that > comes thru. (I > >admit, this is a very paranoid scenario.) The attack here > would be to feed > >you (seemingly signed) documents that the real person never signed. > > What I think is interesting about Joseph's proposal is that however > paranoid you may be, it's difficult to believe that an attacker has > compromised every information source in the Internet, or even > a significant > majority of them. If you believe that, then I think you > might as well give > up on any form of security. > > I think the most pernicious attack is one in which one's > "usual" processing > platform is compromised: whatever security may exist to the > outside world, > information presented to the operator cannot be checked. I > think trust in > one's local platform is pretty much a prerequisite for any security. > > #g > > > ------------------- > Graham Klyne > <GK@NineByNine.org> > >
Received on Monday, 8 April 2002 04:16:23 UTC