[13836] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Announcing httpsy://, a YURL scheme

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Jul 14 20:05:38 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: Tyler Close <tyler@waterken.com>
Cc: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: 14 Jul 2003 20:04:49 -0400
In-Reply-To: <E19c9HN-0001is-00@canteen.waterken.com>

Tyler Close <tyler@waterken.com> writes:
> I have demonstrated the theory behind YURLs by providing an
> implementation, the Waterken Browser, and by explaining how two
> other widely used systems implement the theory.

Having an implementation demonstrates nothing whatsoever about
security -- many implemented systems are, after all, insecure.

If you wish to demonstrate the security of your system, one would
expect a detailed explanation of the threat model you're trying to
address, and why those threats are thwarted by the design.

Perry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13836] in cryptography@c2.net mail archive

Re: Announcing httpsy://, a YURL scheme

daemon@ATHENA.MIT.EDU (Perry E. Metzger)Mon Jul 14 20:05:38 2003

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Jul 14 20:05:38 2003